General
Target: JaffaCakes118_5eb260edc7457cb2d5e6264318d01691
Size: 230KB
Sample: 250101-wecf4awkat
MD5: 5eb260edc7457cb2d5e6264318d01691
SHA1: c93dd3e38b7b726b465b6fb7a76a0af12792e8c3
SHA256: a19cea5e682255732fac3c23ea7441b355ab39333aa93e6896ea5062b12eb0e1
SHA512: 596dcafa1dea3d07112db3a2cf4274fac4205580a314ecf490cd737dd749edd5a457fd5c08e282f329ff73c5c802e7f5984a432e096ed78ffc9999d006efcca8
SSDEEP: 3072:zr8WDrCYyWhLKKKKKU8AAFTbp8ELQHsoOJNuYnZIWH2qWUwZr+EM4EIGKEc6iZjK:PuDfJXnIZOjETxec+bl

Static task: static1

Behavioral task: behavioral1
Sample: JaffaCakes118_5eb260edc7457cb2d5e6264318d01691.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: JaffaCakes118_5eb260edc7457cb2d5e6264318d01691.exe
Resource: win10v2004-20241007-en

Malware Config
Targets
Score: 10/10

Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

Neshta family

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association