General
Target: 62038e055bf63755cac6cfdf69f1e0d4_JaffaCakes118
Size: 471KB
Sample: 240521-ezch6aha76
MD5: 62038e055bf63755cac6cfdf69f1e0d4
SHA1: 02e94ba5ea6c416cb6f9ac553f4b7e4354f0babb
SHA256: 9c33d3d1b5073788131564de7b6e9422d033d475acaf109897a4ba2dbd410021
SHA512: 1b09dadcd635639d84ea5d0d4ad5076d89af19ec29ec53bc7867f2133e6e2cdf3b547ce545e6cdcafa1663e8f7b6bf1c5873db0611d626f6f1c7f73c78f59067
SSDEEP: 12288:lOO7nGAZ/gdQaelxP7vP68nq+6Er0NIy:EvXQaUjvnNP
Static task: static1
Behavioral task: behavioral1
Sample: 62038e055bf63755cac6cfdf69f1e0d4_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 62038e055bf63755cac6cfdf69f1e0d4_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 62038e055bf63755cac6cfdf69f1e0d4_JaffaCakes118
Score: 9/10

Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

Enumerates VirtualBox registry keys

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.