General

  • Target

    JaffaCakes118_3a4e46b080f9c467035ef6742f901706

  • Size

    94KB

  • Sample

    250127-ac1v1szqbv

  • MD5

    3a4e46b080f9c467035ef6742f901706

  • SHA1

    5826921ee02e135eb1c8e4afc2b8500511e4068a

  • SHA256

    17c5ed15c9427a55866762ff40c4930417875fe793d9033ece1f12482e4cf659

  • SHA512

    d5c33c9c2e1c8662ea37c1a02fb458857b21c487fc6594dbda3eb2b25d7880f6282b683f2e44684ab596e1b8d94fdf08325944e7b681fcf167037114a63fc2a2

  • SSDEEP

    1536:kxqjQ+P04wsZLnDrCR47tlDTRc5EPMLbM/ud5tetWvVrbnp3OiT:Rr8WDrCRiPRwBM/O5rv33OiT

Targets

    • Target

      JaffaCakes118_3a4e46b080f9c467035ef6742f901706

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
