Overview

overview

10

Static

static

3

df84d4d840...18.exe

windows7-x64

10

df84d4d840...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df84d4d8405bf3dcfb9e8c5f9a38d5d2_JaffaCakes118

  • Size

    40KB

  • Sample

    241211-cvxmeswlek

  • MD5

    df84d4d8405bf3dcfb9e8c5f9a38d5d2

  • SHA1

    83c8566d17af982af28e9ef09123a1c5db9d9b89

  • SHA256

    823da565d960739343681593724fc7dbabe59960c2c6201bbdeecbce25a38c60

  • SHA512

    2203221e5f1bce19f090d093dcebb8ee5df7e5af6e9a181895c3c82e21866b34e0360b1beca8f00002d3793cd91f56f19888ac0805e8f9b2ad7fa66f15c6f4d5

  • SSDEEP

    768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      df84d4d8405bf3dcfb9e8c5f9a38d5d2_JaffaCakes118

    • Size

      40KB

    • MD5

      df84d4d8405bf3dcfb9e8c5f9a38d5d2

    • SHA1

      83c8566d17af982af28e9ef09123a1c5db9d9b89

    • SHA256

      823da565d960739343681593724fc7dbabe59960c2c6201bbdeecbce25a38c60

    • SHA512

      2203221e5f1bce19f090d093dcebb8ee5df7e5af6e9a181895c3c82e21866b34e0360b1beca8f00002d3793cd91f56f19888ac0805e8f9b2ad7fa66f15c6f4d5

    • SSDEEP

      768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks