Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
20-04-2024 14:57
General
-
Target
fd047a74224274e29409c2b841c2b306_JaffaCakes118.exe
-
Size
681KB
-
MD5
fd047a74224274e29409c2b841c2b306
-
SHA1
94067fbee35addbdb6cc1b330aa6746415382f4f
-
SHA256
71e5de30f627eacb124f9f11d7ba70de43997847e88a61e440593ef9fd776bab
-
SHA512
32ef07e7882efe5109e49b5f48e6dc46e068ffb5a9154c4b0be1456692ada2f3b1a3ea3a0857ad0d4257062f7eac5e9658d910776f359bb0b92f00de5d0c6a52
-
SSDEEP
12288:VoJqNIPtNmO6IOOEp0TMlja7NRl2PSVikIyoyueh+AkHcnLwuukoCOD6zlTjOz+2:VoJEKZ6IEGTMxapRl2PSwHTehy6B8+p4
Score
10/10
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fd047a74224274e29409c2b841c2b306_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\fd047a74224274e29409c2b841c2b306_JaffaCakes118.exe"1⤵
- Suspicious behavior: EnumeratesProcesses