General
-
Target
73f79de2cf4c06a5c7d6d6ac1d239a45_JaffaCakes118
-
Size
17.1MB
-
Sample
240526-b9halsbc52
-
MD5
73f79de2cf4c06a5c7d6d6ac1d239a45
-
SHA1
7cdd06dc710f509aa7df95c61076ac1146bdab7c
-
SHA256
b43403c0a91577e2fec68c0213a3222bdfb31badca45a59eaeada026cf8120b9
-
SHA512
7702f6aa99408a70ebba9982381218db9e19d924c5b1875a6fd0751eba5b7ce099e12966ab46b11a9c51b292bfc4632235904674348235eebf10ca5fa9a33f98
-
SSDEEP
393216:1aw6jwI7Cu++3iDe72DAyI8gFoExGYHOYi1BZzkUXE63P5YR3/J+:Ew6jwusDrDjetwYHU1BlkwfPYPk
Malware Config
Targets
-
-
Target
CCleanerPro_Ver.5.57.7182_Chs/CCleaner.exe
-
Size
16.3MB
-
MD5
1da41756212be1ba59ee5e5d910e8f9b
-
SHA1
cbba9cb8e6e88a03499b8085a102a71cf9c8625f
-
SHA256
a2a96b00f8b89434fc231f901bf66bdf4b62526faf65a3ce16587643b04a97c6
-
SHA512
9aa7c5ffc25b3fa0fa7579aba2245bca945c60696bbd253f5ceea78c3cbc129d52f4e65f18499a623c3067d8bd62b92b57e2325835c942cad73057e72ae8181d
-
SSDEEP
196608:F/1HeOdzVD9lxIK/uTYTPHxBgSx6UrqNL+sfNUa1Dvu:zfdL8TYrHxBgSkUrqNvjvu
Score6/10-
Checks for any installed AV software in registry
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
CCleanerPro_Ver.5.57.7182_Chs/CCleaner64.exe
-
Size
22.0MB
-
MD5
30745c4f8e82d890fe58d3e5f8c496f3
-
SHA1
7c1e8e45b7364a81ac184a646908608bbdaaeecb
-
SHA256
8eeb2d1bf58fe0714ae2e5acb0dd4b7eb1f4227e439fa56c61c8d76f0f3c1c8b
-
SHA512
9896289c029d571caa648451876514710e0ab73303b18a79172c8fe2289e18302b0a9e065287e21b9f466cad622fd425c57ad7edb68dd1b1fcc42e491adc629d
-
SSDEEP
196608:KKG+kw+yVU2q/ll7n+Kqps5arqNIVUzjdfNUa1:RGl1silVnpqi5arqNM0jj
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
CCleanerPro_Ver.5.57.7182_Chs/branding.dll
-
Size
59KB
-
MD5
ac853780c0769e9bce0cffd8305c5cce
-
SHA1
550ef20bad9a2a83374fe5f425be73a1a8dad094
-
SHA256
4844b9b507a4526cd459f08506b8dbbe66c018c3e01350a2b96ed33396306750
-
SHA512
fcb7d6e0593e9a894a0f99f91fb47a7acc1be8acf30a448dfba747afa336b7e52eca4e6be9c811784bb33c75e22ff5b0ad6d313377171336ccdcbfa1497ae5c3
-
SSDEEP
768:wx/SWE1b2Rz9pYj9+Emxt1dRn1E1WZAj87jr++nnmym57vkmyY6pbQhd:gqKRz9pYE1swij55fyY6pba
Score1/10 -
-
-
Target
ͼ۸.url
-
Size
63B
-
MD5
825aead907928272036c3bc09a4e5c9f
-
SHA1
d71556c91ece942170396dfcfbfa0e174b5e46b6
-
SHA256
1abba7efcffd9ed10a45deeddd1d900337a0991530dc6621bd205b08a695c8c3
-
SHA512
cff4a802b7e632dc672a20ddf8caf5d3ee4764a9245ba305b05151a7ecbdaf10b0a0a1d4119d2ba8e83997bfcffadee21f187f3d449ad3c5d956954db311c55c
Score1/10 -