General
-
Target
JaffaCakes118_c1ebd42e9db4dd9c5d49c2daaa61a390
-
Size
222KB
-
Sample
250208-l6t54szmhk
-
MD5
c1ebd42e9db4dd9c5d49c2daaa61a390
-
SHA1
8bec7342326dcb2f010a907d9d73d5b9c221c2f4
-
SHA256
5c4f47a39003ab90efe38d26d8f611c6f5d2cc00dee61b4b39a7d2da117e4800
-
SHA512
d67fc30a1d553c6ef20b5870429e4b6a7bb5918e5a85ee39397112069998938e6df47ac64058901f5fcd1ef27463ccaeddd06414bd5ee3d7fa9476dc619ed347
-
SSDEEP
3072:sr85C/qISw01IZ1yxylBev3ujZqMNh1Gny0is1iyU1Gny0is1iyW:k9/1SZ1IZ1yCvqR3RR3W
Behavioral task
behavioral1
Sample
JaffaCakes118_c1ebd42e9db4dd9c5d49c2daaa61a390.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_c1ebd42e9db4dd9c5d49c2daaa61a390.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
-
-
Target
JaffaCakes118_c1ebd42e9db4dd9c5d49c2daaa61a390
-
Size
222KB
-
MD5
c1ebd42e9db4dd9c5d49c2daaa61a390
-
SHA1
8bec7342326dcb2f010a907d9d73d5b9c221c2f4
-
SHA256
5c4f47a39003ab90efe38d26d8f611c6f5d2cc00dee61b4b39a7d2da117e4800
-
SHA512
d67fc30a1d553c6ef20b5870429e4b6a7bb5918e5a85ee39397112069998938e6df47ac64058901f5fcd1ef27463ccaeddd06414bd5ee3d7fa9476dc619ed347
-
SSDEEP
3072:sr85C/qISw01IZ1yxylBev3ujZqMNh1Gny0is1iyU1Gny0is1iyW:k9/1SZ1IZ1yCvqR3RR3W
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1