Extracted

• • Target

    22fbdbddd05ab5346e7a7f5adb79cc2e_JaffaCakes118

  • Size

    5.5MB

  • MD5

    22fbdbddd05ab5346e7a7f5adb79cc2e

  • SHA1

    d42ad7f2723f699cc7de6fa079fb5373d81802d3

  • SHA256

    2ea6afd8cd172d7a43de0e037d7250b9036de4b87e1f0c10ba04c286c8c58704

  • SHA512

    c6b342f3fa6c6bf70f3f56a94fc29fd8a45cdda7b31f5654c10b9fa6af7bc2f52680c65a1d8ccc6c8eb52b71069c97d78e5089770bb1da40df39f18be643c3e2

  • SSDEEP

    98304:AH7CgqLPRPYv7cZuwYx72XPo0+X+6zVfdUgqr2/xCQM70GpdQwssWhLcm0kch/0:A+gqLKB2p5c1UP2zM701wsxLN9ch/0

  Score

  10^/10

  arkeibabadedadefaultcrypterloaderstealer

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • Babadeda

    Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

    loadercrypterbabadeda

  • Babadeda Crypter

  • Executes dropped EXE

  • Loads dropped DLL

  • Blocklisted process makes network request

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2