General
-
Target
JaffaCakes118_6685ef2968c44a5ff2922a577afa916e
-
Size
193KB
-
Sample
250102-t3527syjhv
-
MD5
6685ef2968c44a5ff2922a577afa916e
-
SHA1
cef995d8d2194397b58917562130469d4bc198f5
-
SHA256
3d0b4527974e06dbbc9cd307940d3c1a7ceace2d39ccfd26ddef94bdd75721ec
-
SHA512
613c75f7bef956ce5eabf52f8bd6024fbf9d4ca489880a15962a811231d7a7ad5b4bec466168a74a9c58e140f73b734643a14b5a8b32ddf89894f57f44e978ff
-
SSDEEP
3072:sr85CPbhbfNaf/dmIMMHstoqmskG+SzLEhA32LEhA3T:k9lbfNaf/7j5C4AO4AD
Malware Config
Targets
-
-
Target
JaffaCakes118_6685ef2968c44a5ff2922a577afa916e
-
Size
193KB
-
MD5
6685ef2968c44a5ff2922a577afa916e
-
SHA1
cef995d8d2194397b58917562130469d4bc198f5
-
SHA256
3d0b4527974e06dbbc9cd307940d3c1a7ceace2d39ccfd26ddef94bdd75721ec
-
SHA512
613c75f7bef956ce5eabf52f8bd6024fbf9d4ca489880a15962a811231d7a7ad5b4bec466168a74a9c58e140f73b734643a14b5a8b32ddf89894f57f44e978ff
-
SSDEEP
3072:sr85CPbhbfNaf/dmIMMHstoqmskG+SzLEhA32LEhA3T:k9lbfNaf/7j5C4AO4AD
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-