General

  • Target

    edf7184f9f45fb18c12b2b198aa16c45_JaffaCakes118

  • Size

    594KB

  • Sample

    241214-krfthaymgl

  • MD5

    edf7184f9f45fb18c12b2b198aa16c45

  • SHA1

    33695158a4c91e10fa78b3bc863403ed50035b6e

  • SHA256

    0db7f43a51aeb290bf21c1e29092525236852a3a146c33d3ffe62dd5dcb49223

  • SHA512

    432c8fef8fbbf1bc3ce988c563f500c6f62f3b2174d98ed773e5cd1067058ba5c58525e1943dc29c2d7154bb7ae1fc4a46027b2dc51b14fa18c42cb7994f7de9

  • SSDEEP

    12288:UggTSWAJR0p/StdpxHHF/XWs3KI/IDdFCPXIDdFCPn:mTjAJR0JStdpxHHF/r/IDdEXIDdEn

Targets

    • Target

      edf7184f9f45fb18c12b2b198aa16c45_JaffaCakes118

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
