General

  • Target

    JaffaCakes118_6f08b83a823b1531e3d9f4eb30cc9930

  • Size

    40KB

  • Sample

    250103-yaerrssnak

  • MD5

    6f08b83a823b1531e3d9f4eb30cc9930

  • SHA1

    4eb01b48bc2d17893ba76be630b8d308d40ae4c2

  • SHA256

    b008374035b4a903802ec811f26c75c7805bc89ce9d90eae0ab90d71e9047b36

  • SHA512

    384574a1ed43494c86928cef32ee22a9a1c69cff5638af5f1df238992a35e02f66a82b071c5a755bd2361c7b11afa71737c0e9a3fd4489440d9f533893144800

  • SSDEEP

    768:KyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ:9xqjQ+P04wsmJC

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
