General

  • Target

    JaffaCakes118_774313bee805db5ec6d28ff2f58c67b0

  • Size

    137KB

  • Sample

    250104-dnnxdazreq

  • MD5

    774313bee805db5ec6d28ff2f58c67b0

  • SHA1

    13e1189be9ee841a6d54cb69a9c8839b67dd3d40

  • SHA256

    7618ae26912da9f1a4f87159916aa78d5f271199e34811334a741b28f805339a

  • SHA512

    2b4b6a0ca5ce4168b98e0eef09d4663a475a272847645506de5f811bafaca544236cc08e3899b5fbca0b6bb06714c32f3e7ce4e2ca47825b092e8eb58d34ddaf

  • SSDEEP

    1536:JxqjQ+P04wsmJC45dzSB3fCViShtxT41IjEf822PC8oqbto1qK:sr85C45dzSB3fCVXh3T41IjEf8QbqO

Targets

    • Target

      JaffaCakes118_774313bee805db5ec6d28ff2f58c67b0

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
