Extracted

• • Target

    f5e11b62f485aa1e95073c665a147cd2_JaffaCakes118

  • Size

    397KB

  • MD5

    f5e11b62f485aa1e95073c665a147cd2

  • SHA1

    d71acedc812f72756b756e23fbc5c756d163ad48

  • SHA256

    1b466bd2985862702ab9fb242e0c79e27dd2c4b4c676d9ba44d6bef3e93b1534

  • SHA512

    df152055bb196822c638cf0a824907884076ebb65200535362d545a1d5c78e29631c8cef2651c1a944e43ac74b554ec4156efe36acf3465824a96f37e28fed96

  • SSDEEP

    12288:VVWv1DWVrUhKHElWxsGTnBF1gIscpMz2+DPqMYIa7Pm6:VcDWVr0eE1UnBF1ggGz5bnYIa7

  Score

  10^/10

  oskizgratinfostealerratspywarestealer

  • Detect ZGRat V1

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2