General
-
Target
JaffaCakes118_6ac439bab522fb6682dbce95e3da3d70
-
Size
112KB
-
Sample
250103-g6p4yasmcz
-
MD5
6ac439bab522fb6682dbce95e3da3d70
-
SHA1
8aa070aeddb99d9a9aecbcfd51a7d670685e7ec7
-
SHA256
e44c0ed0d15f77e05c12b8e043f521572ad0710b70bffdb22b227b4b540eab57
-
SHA512
7530212d0a31279194dc3d5bac72b8b8ae164e3489ca2e318a6cdba53d14412a733718798047accdb7cb3f100dc29e2fec0f4295a9f80f294f892a690265655d
-
SSDEEP
1536:JxqjQ+P04wsmJCHRqEp+85LQyiAKf77+031ru/qpap4qUqm+rI6:sr85Cxb+aLQs+Wo1/op4qUqfrI6
Behavioral task
behavioral1
Sample
JaffaCakes118_6ac439bab522fb6682dbce95e3da3d70.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_6ac439bab522fb6682dbce95e3da3d70.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
JaffaCakes118_6ac439bab522fb6682dbce95e3da3d70
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-