General
-
Target
JaffaCakes118_5e92d0d13994fb1f7fe1e056a14da687
-
Size
733KB
-
Sample
250101-wb1dravrg1
-
MD5
5e92d0d13994fb1f7fe1e056a14da687
-
SHA1
4a27ce393217777008c5dc30f489e723cf79f222
-
SHA256
2474426e0195485c5077cf5b9af8a8405c3ff247570a1ca17698dcdda2ce9602
-
SHA512
8ee56483e9224ab16d73f6bed1338f4d2808b28e929ef8cba5453764ed1abe474254f614c1d619a24ceb92d741253362db98f36ce686bf0ede05dd4294d5e254
-
SSDEEP
12288:vUhnhZXSBhi/L+qSyRNIdOqbDDGiptXyw9V1VVV4d0ym7twMzaDLW6pG0:vU5hZXSfi/L+qSycGiptXyd8mlDy6pG0
Behavioral task
behavioral1
Sample
JaffaCakes118_5e92d0d13994fb1f7fe1e056a14da687.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_5e92d0d13994fb1f7fe1e056a14da687.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
JaffaCakes118_5e92d0d13994fb1f7fe1e056a14da687
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-