General
-
Target
db0122235200942a36136b82ea9f0827_JaffaCakes118
-
Size
361KB
-
Sample
240405-wpsaasaf3t
-
MD5
db0122235200942a36136b82ea9f0827
-
SHA1
cbff5dbccc80801570b0233d6cce791ab21482b2
-
SHA256
ba2b0899331c1629d9fa089249ddbe9a85c402288993ee692e3c25080ba46bac
-
SHA512
2af743db1a2559922ae2458980ec14293a1a50f12fedcbf70b9edfb46706b2fd85959fce84fe005c00a93e9ab94534324f5d0fd2f5703a691ffc4eb2a05f0a5e
-
SSDEEP
6144:IpMM6V8mffCpJipZQeNai1FnRCr8YDgDP9Q5RGoaGozyh7:XsmfaXiHQeN/FnMwYEL9SGoaGo0
Malware Config
Targets
-
-
Target
db0122235200942a36136b82ea9f0827_JaffaCakes118
-
Size
361KB
-
MD5
db0122235200942a36136b82ea9f0827
-
SHA1
cbff5dbccc80801570b0233d6cce791ab21482b2
-
SHA256
ba2b0899331c1629d9fa089249ddbe9a85c402288993ee692e3c25080ba46bac
-
SHA512
2af743db1a2559922ae2458980ec14293a1a50f12fedcbf70b9edfb46706b2fd85959fce84fe005c00a93e9ab94534324f5d0fd2f5703a691ffc4eb2a05f0a5e
-
SSDEEP
6144:IpMM6V8mffCpJipZQeNai1FnRCr8YDgDP9Q5RGoaGozyh7:XsmfaXiHQeN/FnMwYEL9SGoaGo0
Score8/10-
Contacts a large (926) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-