General
-
Target
JaffaCakes118_752495bb0c8cce837452f609aefb8872
-
Size
310KB
-
Sample
250201-ykwg9syqep
-
MD5
752495bb0c8cce837452f609aefb8872
-
SHA1
bdf8aff309dd7143b819172d77a6ab2c49ee1f73
-
SHA256
45ba86e286db7adbe40ccb93156f29d55c3dfc79773776d4e8599267b5dde887
-
SHA512
4a23239f9e42e6ea4ea364b7ebc6ee2b3dda5175b017ec349fac56dfb1e60dbaa6570655aa1e01ff5aa98186d8b2e73e4c5c1868501dee1077b38732402f332c
-
SSDEEP
3072:zr8WDrCiwnbwUT8IUxkC+b53DU1rFh3FLvfLzo63JlPDZJoqLHYcrlwnxT1S1ZeH:PuFbwsX9bVIrpLvfLzoy7NJoqsJe2p
Malware Config
Targets
-
-
Target
JaffaCakes118_752495bb0c8cce837452f609aefb8872
-
Size
310KB
-
MD5
752495bb0c8cce837452f609aefb8872
-
SHA1
bdf8aff309dd7143b819172d77a6ab2c49ee1f73
-
SHA256
45ba86e286db7adbe40ccb93156f29d55c3dfc79773776d4e8599267b5dde887
-
SHA512
4a23239f9e42e6ea4ea364b7ebc6ee2b3dda5175b017ec349fac56dfb1e60dbaa6570655aa1e01ff5aa98186d8b2e73e4c5c1868501dee1077b38732402f332c
-
SSDEEP
3072:zr8WDrCiwnbwUT8IUxkC+b53DU1rFh3FLvfLzo63JlPDZJoqLHYcrlwnxT1S1ZeH:PuFbwsX9bVIrpLvfLzoy7NJoqsJe2p
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-