General

  • Target

    d98360f83d7a8a01b1f5d25d2ed53de6_JaffaCakes118

  • Size

    140KB

  • Sample

    241209-n54n9swqds

  • MD5

    d98360f83d7a8a01b1f5d25d2ed53de6

  • SHA1

    3d878777c8df193b4b7a0860f633c1d99a3aedf1

  • SHA256

    d22b0163b5c934e17f91aba11a592b2d5a376fecf05c1d6ac2a9c6805aa8d0bc

  • SHA512

    24356d8b172a76aaf5b9ae2cbed80642acd072fdf054f3d2810c64cea646ffc13653fd31e4b1aa185dd38709f3eabfee97bc25618fbe781061d38dc816ab5022

  • SSDEEP

    3072:pr8WDrCB50x3ViiOAJ1aWyUEJEcuUhzeS8KwpIqE7jOwgWf3G:FuBuNLGWVEeHUhzlwV

Targets

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.
