General
-
Target
JaffaCakes118_bdc7fc42401db00e21d884a7c4a86819
-
Size
4.6MB
-
Sample
250208-cd6trsypft
-
MD5
bdc7fc42401db00e21d884a7c4a86819
-
SHA1
1b6ab4ac43e868d1f2493b1ac2090d74ad8d29ba
-
SHA256
40da7104fa771fef105b8fbf9dcf2af66a788de7f4bb1de3253ab98abf66dcd3
-
SHA512
62f19ac1270699a2c771bfeb0952462e6f4657ea61f8627af93150a5ebb71b91390dfa794fa48575093fd43b89cea266f502dc4e6cc7c5ffe065dc182276a35a
-
SSDEEP
49152:UqJqbG6IK1DcL5bG0ni4TjWh25ZB4j7eJN9GA7cibljm9vOfjYl/mGi0TTqpSQUf:lcNIK1g5bGmjI7eJeAsvO770P3QUfDL
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_bdc7fc42401db00e21d884a7c4a86819.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_bdc7fc42401db00e21d884a7c4a86819.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
Target
JaffaCakes118_bdc7fc42401db00e21d884a7c4a86819
Score
10/10
Neshta
Malware from the Neshta family is a file infector: it injects itself into other files to spread and cause damage.
-
Neshta family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1