General
-
Target
JaffaCakes118_687a11068b3ed0df12d3c1c84143da20
-
Size
150KB
-
Sample
250102-1xqtnazqbq
-
MD5
687a11068b3ed0df12d3c1c84143da20
-
SHA1
b17005240f0e1f9d6133102b577e2d5b5501377f
-
SHA256
bbe7526d3682fcc4252e36e299bdbbe723b69c73ef4c70dce8f1d3af0540319d
-
SHA512
b02409a62891d0a70b6a252d4d60874cc26c589aa65fac65c53c53e9f26269b35a2c7c9b278474c8fe3829e134c20cb08bb972f3fd1df6ff5165d1460600e657
-
SSDEEP
1536:kxqjQ+P04wsZLnDrCUNn/2QfBmYjmZ7tVCOLJkWZk3U+DqvBy4ezvICWdZryRFTh:Rr8WDrC42KJmZ7tVCOLJw3U/uICoZW7d
Malware Config
Targets
-
-
Target
JaffaCakes118_687a11068b3ed0df12d3c1c84143da20
-
Size
150KB
-
MD5
687a11068b3ed0df12d3c1c84143da20
-
SHA1
b17005240f0e1f9d6133102b577e2d5b5501377f
-
SHA256
bbe7526d3682fcc4252e36e299bdbbe723b69c73ef4c70dce8f1d3af0540319d
-
SHA512
b02409a62891d0a70b6a252d4d60874cc26c589aa65fac65c53c53e9f26269b35a2c7c9b278474c8fe3829e134c20cb08bb972f3fd1df6ff5165d1460600e657
-
SSDEEP
1536:kxqjQ+P04wsZLnDrCUNn/2QfBmYjmZ7tVCOLJkWZk3U+DqvBy4ezvICWdZryRFTh:Rr8WDrC42KJmZ7tVCOLJw3U/uICoZW7d
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-