General
-
Target
JaffaCakes118_30c621c151061c289bedf6767d3ea2b7
-
Size
526KB
-
Sample
250125-3z845awphk
-
MD5
30c621c151061c289bedf6767d3ea2b7
-
SHA1
b88e8b7f01e6436243a1cddbedeb29a65f8e4311
-
SHA256
58e53fce7ac9540f37b4e993e0e4cd8b8f471b14772134788645581f10bbed1d
-
SHA512
be97fd5d5b2aaae92f21ae66e0f7c8843edf83e6419a19ae98f7e2d9a09176f4401c0fdd34fd5b87cad113f7445041e4e5238854cb0632a5b3779db2546e6a24
-
SSDEEP
6144:k9+fU+kkUd9L/lDH2B0jLjNsJ6uq5STCSHn9gLmnQ1MQyP74CkG1fwtLVbLm7oBe:dshFH2qj1siPSHn3naMQCWGp4EeuH2e3
Malware Config
Targets
-
-
Target
JaffaCakes118_30c621c151061c289bedf6767d3ea2b7
-
Size
526KB
-
MD5
30c621c151061c289bedf6767d3ea2b7
-
SHA1
b88e8b7f01e6436243a1cddbedeb29a65f8e4311
-
SHA256
58e53fce7ac9540f37b4e993e0e4cd8b8f471b14772134788645581f10bbed1d
-
SHA512
be97fd5d5b2aaae92f21ae66e0f7c8843edf83e6419a19ae98f7e2d9a09176f4401c0fdd34fd5b87cad113f7445041e4e5238854cb0632a5b3779db2546e6a24
-
SSDEEP
6144:k9+fU+kkUd9L/lDH2B0jLjNsJ6uq5STCSHn9gLmnQ1MQyP74CkG1fwtLVbLm7oBe:dshFH2qj1siPSHn3naMQCWGp4EeuH2e3
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-