General
-
Target
25af686d1c6c4276a6203e2f53f3136d_JaffaCakes118
-
Size
787KB
-
Sample
240704-wflfdstapg
-
MD5
25af686d1c6c4276a6203e2f53f3136d
-
SHA1
27313f634ce90f533fad3948cdaf26c5729f3501
-
SHA256
6c403b1aa0032a28942821814781031abe8c8cf4ad250e6755e2eb8854b5d1c8
-
SHA512
4edb2440aa6942d62b46b0f919539ce3a9fac352a8bc50ee32a93a3d39f51ce362051a0f156ee2af5a15f4dea83c93bde647b553ecc30e7559dfcaa2d26041bc
-
SSDEEP
12288:sJi8JDI8bX0aeilDpl5UVJ1ROsUSpwprK+NaLztO+rV/HMKC:AiWDrbn9png1Rp+R+rtHMKC
Behavioral task
behavioral1
Sample
25af686d1c6c4276a6203e2f53f3136d_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
25af686d1c6c4276a6203e2f53f3136d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
25af686d1c6c4276a6203e2f53f3136d_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Drops file in System32 directory
-