General
-
Target
3995b3899c8194b5994dae21ec05dc29_JaffaCakes118
-
Size
661KB
-
Sample
240512-l96y3sah81
-
MD5
3995b3899c8194b5994dae21ec05dc29
-
SHA1
c57d4607b6b554eeed408280c8774d2f11810545
-
SHA256
29e040545d87b78952867316216099e4bdea944634e190e5029ead282303beb5
-
SHA512
da4cc4a914dca03733154cca3e47033e40380b819a2d00ef54829deaa11e1207631c2e2a81ae32fc6e1b2393591e79a6271b8226316b509c8e1c155f3a7bacc8
-
SSDEEP
12288:luriHHbRBt91s+zrTvsxoz15D0Gi/LR9VOAYf3DSJ7njwbpTyXQ5:2iHHbZssrTvv5D0P/OAScspTyX
Static task
static1
Behavioral task
behavioral1
Sample
3995b3899c8194b5994dae21ec05dc29_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3995b3899c8194b5994dae21ec05dc29_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
3995b3899c8194b5994dae21ec05dc29_JaffaCakes118
Score
9/10
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-