General

  • Target

    dc0986df00c52c00466e1eb6587d8150_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241209-3n34qs1jeq

  • MD5

    dc0986df00c52c00466e1eb6587d8150

  • SHA1

    8c77dc3974bc6a310f7c263c71582354201054a7

  • SHA256

    76f50506ff8911584d1df2c998e959c9a0e9e360bc53a69f96d06cf90448bb43

  • SHA512

    4fe068ebb6e461646d3a330db92f69fa83d11af2678e9d7073d3efab2fd03510fb797968ec9b04c533ac1130c3df494223d9e94a855c02a59a5b0dcd346d43c6

  • SSDEEP

    24576:AEVdWKs0KRLZQ22Z5SEaa2Hm58axYFIxIb2T5E:AsctRL2JZ5p58axYFIxIt

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
