Overview

overview

10

Static

static

3

JaffaCakes...c9.exe

windows7-x64

10

JaffaCakes...c9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_28423a49df9acd67e569469053c7cbc9

  • Size

    40KB

  • Sample

    250125-e9v39axqan

  • MD5

    28423a49df9acd67e569469053c7cbc9

  • SHA1

    5687df4492c1b90b06e448c6e2ba27e72e94b679

  • SHA256

    ada45049a293faf01fdcb60548ed8a0eadf8dadb6b96408b9706c2525a23eb95

  • SHA512

    de8674b308ba4d38abf60c76016ca9b7cf49912982450e70095fe78eda7a5b733ad048b7b41b8c55214bf59047ac404d74c371e0f812f8eb9ea559512dd397bb

  • SSDEEP

    768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      JaffaCakes118_28423a49df9acd67e569469053c7cbc9

    • Size

      40KB

    • MD5

      28423a49df9acd67e569469053c7cbc9

    • SHA1

      5687df4492c1b90b06e448c6e2ba27e72e94b679

    • SHA256

      ada45049a293faf01fdcb60548ed8a0eadf8dadb6b96408b9706c2525a23eb95

    • SHA512

      de8674b308ba4d38abf60c76016ca9b7cf49912982450e70095fe78eda7a5b733ad048b7b41b8c55214bf59047ac404d74c371e0f812f8eb9ea559512dd397bb

    • SSDEEP

      768:nyxqjQl/EMQt4Oei7RwsHxKANM0nDhlzOQdJ:yxqjQ+P04wsZLnDrC

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks