Overview

overview

10

Static

static

10

JaffaCakes...84.exe

windows7-x64

10

JaffaCakes...84.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8cf7d9400636883a3d78a38955706784

  • Size

    40KB

  • Sample

    250329-vxlxtawjv3

  • MD5

    8cf7d9400636883a3d78a38955706784

  • SHA1

    6feac6c35d19d97227e08c0b4a800add4bdaa9b8

  • SHA256

    0536f4b092b703d5b949194ad82d7752f1a1f0f64accaed8c66faef1ad658876

  • SHA512

    7b9e391084a2274d0645d211e3edca92166f36a238ce7bf2f112012e547307ff1da10cf2df285f932abfff817e7520c54d0a01fd0af4bdcfd83c24c246b0583f

  • SSDEEP

    768:QyxqjQl/EMQt4Oei7RwsHxyP7nbLzOQdJ:nxqjQ+P04wsmDC

Score
10/10
neshtadiscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      JaffaCakes118_8cf7d9400636883a3d78a38955706784

    • Size

      40KB

    • MD5

      8cf7d9400636883a3d78a38955706784

    • SHA1

      6feac6c35d19d97227e08c0b4a800add4bdaa9b8

    • SHA256

      0536f4b092b703d5b949194ad82d7752f1a1f0f64accaed8c66faef1ad658876

    • SHA512

      7b9e391084a2274d0645d211e3edca92166f36a238ce7bf2f112012e547307ff1da10cf2df285f932abfff817e7520c54d0a01fd0af4bdcfd83c24c246b0583f

    • SSDEEP

      768:QyxqjQl/EMQt4Oei7RwsHxyP7nbLzOQdJ:nxqjQ+P04wsmDC

    Score
    10/10
    neshtadiscoverypersistencespywarestealer

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Neshta family

      neshta

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks