General

  • Target

    e4c1a63cd568339cf702bb840f51742d_JaffaCakes118

  • Size

    40KB

  • Sample

    241212-fenalavrdn

  • MD5

    e4c1a63cd568339cf702bb840f51742d

  • SHA1

    a059f2d1c0a515333f37cf1b049e94a55f0c3b89

  • SHA256

    e835d274ef2ef7eebe60c20e078467770a5383fd5d6eec64c57c719534c29dbf

  • SHA512

    6ac780eed6d1b7ad989c3f5e0e9affb44421fcc47db9daf96798e0dda8f3ad9f66818efca96386f372d44869576023a3b88a9d85c929118bc7ef9d288b204630

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ:JxqjQ+P04wsmJC

Malware Config

Targets

    • Target

      e4c1a63cd568339cf702bb840f51742d_JaffaCakes118

    • Size

      40KB

    • MD5

      e4c1a63cd568339cf702bb840f51742d

    • SHA1

      a059f2d1c0a515333f37cf1b049e94a55f0c3b89

    • SHA256

      e835d274ef2ef7eebe60c20e078467770a5383fd5d6eec64c57c719534c29dbf

    • SHA512

      6ac780eed6d1b7ad989c3f5e0e9affb44421fcc47db9daf96798e0dda8f3ad9f66818efca96386f372d44869576023a3b88a9d85c929118bc7ef9d288b204630

    • SSDEEP

      768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ:JxqjQ+P04wsmJC

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Neshta family

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks