General
-
Target
30740353903640073049d2d5e63fcb6c_JaffaCakes118
-
Size
1.1MB
-
Sample
240510-w4ww2aec34
-
MD5
30740353903640073049d2d5e63fcb6c
-
SHA1
0b8afb1147c7ca48fcf1560a85932c9c2b59130f
-
SHA256
94afe7d00b1c901c7a5868f637f673b2b7922f5dbbb2a907ce9b9ba5afdd8e61
-
SHA512
ab94f625cea82f3ee28d3df58934f36c438851448e94fd7059a8595e554919f6372db3f4bc56d972d9122e719dbe4d38f4a350d7d2287c4c124c9dd26d99b9bd
-
SSDEEP
24576:3Hw4EFankbeWmvQ8DRYQLpkZD8kb9F4NPxs6eFKqBIT9OX:3TEFdH8DRYWpk3b9F4HPeFpBW
Malware Config
Targets
-
-
Target
30740353903640073049d2d5e63fcb6c_JaffaCakes118
-
Size
1.1MB
-
MD5
30740353903640073049d2d5e63fcb6c
-
SHA1
0b8afb1147c7ca48fcf1560a85932c9c2b59130f
-
SHA256
94afe7d00b1c901c7a5868f637f673b2b7922f5dbbb2a907ce9b9ba5afdd8e61
-
SHA512
ab94f625cea82f3ee28d3df58934f36c438851448e94fd7059a8595e554919f6372db3f4bc56d972d9122e719dbe4d38f4a350d7d2287c4c124c9dd26d99b9bd
-
SSDEEP
24576:3Hw4EFankbeWmvQ8DRYQLpkZD8kb9F4NPxs6eFKqBIT9OX:3TEFdH8DRYWpk3b9F4HPeFpBW
Score10/10-
Poullight
Poullight is an information stealer first seen in March 2020.
-
Poullight Stealer payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-