General
-
Target
JaffaCakes118_6127a7d6f4f05a7d2b1bf5e40f4b4280
-
Size
120KB
-
Sample
250101-2x3c5ayrdy
-
MD5
6127a7d6f4f05a7d2b1bf5e40f4b4280
-
SHA1
8f297ed10ffbcdfe24be9e0404f833ecd4b3ea46
-
SHA256
b857981aa15ecc049ce3f5b8fb7c784549556ca8a29ec0257d0a0d15322ab1e3
-
SHA512
6e6d52323e6caa5c4954c584dfb767dac90c5c3597484f203e9b8de58e4e1a446ef0521cdcdc2fe3d8a823dc1d9a3bc606c9571db51ac5b1bfd88100d4d09ebb
-
SSDEEP
1536:yxqjQ+P04wsZLnDrC48Tz8NJJJXBMMMMMMMMM23rfbU4VQ+xfdkIX:zr8WDrC4ImJJJXP3rw4i+bkIX
Malware Config
Targets
-
-
Target
JaffaCakes118_6127a7d6f4f05a7d2b1bf5e40f4b4280
-
Size
120KB
-
MD5
6127a7d6f4f05a7d2b1bf5e40f4b4280
-
SHA1
8f297ed10ffbcdfe24be9e0404f833ecd4b3ea46
-
SHA256
b857981aa15ecc049ce3f5b8fb7c784549556ca8a29ec0257d0a0d15322ab1e3
-
SHA512
6e6d52323e6caa5c4954c584dfb767dac90c5c3597484f203e9b8de58e4e1a446ef0521cdcdc2fe3d8a823dc1d9a3bc606c9571db51ac5b1bfd88100d4d09ebb
-
SSDEEP
1536:yxqjQ+P04wsZLnDrC48Tz8NJJJXBMMMMMMMMM23rfbU4VQ+xfdkIX:zr8WDrC4ImJJJXP3rw4i+bkIX
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-