General
-
Target
JaffaCakes118_773eb17f7dba6b359affa8dd353b389f
-
Size
434KB
-
Sample
250104-dlewpaxray
-
MD5
773eb17f7dba6b359affa8dd353b389f
-
SHA1
584c03e869ccd34ccc4f3611594b107a9e08533c
-
SHA256
6db8d3ce0c8918b208a4e6da0066fa073717954910cb8562f9d6878833a3ab8d
-
SHA512
867c6f2bdbdcf35ba40a2a7dc162c503c074db88ffc2eafd471c805eab0529460b8032ff2651d994524daa5b2f20cf12dbb942f76b1c7a581ca2109149cdfb90
-
SSDEEP
12288:8ftlPJjSZCXWEAQLQV+EVUL/kbEIKL1wTNu+MAqy:8ftlPJjSEnAQLQV+EqL/GEIKL1l+Jqy
Behavioral task
behavioral1
Sample
JaffaCakes118_773eb17f7dba6b359affa8dd353b389f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_773eb17f7dba6b359affa8dd353b389f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
JaffaCakes118_773eb17f7dba6b359affa8dd353b389f
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-