General
-
Target
3ddb6ab154b4d6c858cd9fd6a00e7a1e_JaffaCakes118
-
Size
451KB
-
Sample
240330-rqqewaha52
-
MD5
3ddb6ab154b4d6c858cd9fd6a00e7a1e
-
SHA1
8164d1e69f64d704666c17b73a4bb5fff183c3f0
-
SHA256
10ac8966e02237c00032b6589eeb69064acaef80581e90ef2c6581ce310915ce
-
SHA512
88a7c0df91a1a7ef8a6d8acbb17027e31115bf2e89fe2a5bda3582c8536d19648a1331ceae3702eb86ccfbbc9d3208f09368c5cd2e274cb6ce05f61225dd65b1
-
SSDEEP
12288:9EshC7lhsBA8kgENCb4p5RrAJQQXFruxvBz2d:gIe04tAJQQX2Jz
Malware Config
Targets
-
-
Target
3ddb6ab154b4d6c858cd9fd6a00e7a1e_JaffaCakes118
-
Size
451KB
-
MD5
3ddb6ab154b4d6c858cd9fd6a00e7a1e
-
SHA1
8164d1e69f64d704666c17b73a4bb5fff183c3f0
-
SHA256
10ac8966e02237c00032b6589eeb69064acaef80581e90ef2c6581ce310915ce
-
SHA512
88a7c0df91a1a7ef8a6d8acbb17027e31115bf2e89fe2a5bda3582c8536d19648a1331ceae3702eb86ccfbbc9d3208f09368c5cd2e274cb6ce05f61225dd65b1
-
SSDEEP
12288:9EshC7lhsBA8kgENCb4p5RrAJQQXFruxvBz2d:gIe04tAJQQX2Jz
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-