General
-
Target
0ca75c455530580b55de0a7f7c61e167_JaffaCakes118
-
Size
524KB
-
Sample
240625-fk6zwsvdql
-
MD5
0ca75c455530580b55de0a7f7c61e167
-
SHA1
7fa5dc2db1a9a1e9cbc1edf0f4961dd0ff16f672
-
SHA256
235e0a53b55d7bf3fe9e7226beb697daf96fd9345f15519ab192f271c9bd99c9
-
SHA512
aa2e43176f686c24fdc1dbf941369770f15bdb62a678da4d40524d3c2ca695040681dcfa41a018442aec51731433bae86299f2529fae9910094a57ae49bc0bff
-
SSDEEP
12288:4+IeCjBxGMHWad7tzUyd/sCmB19yt8JgEh+p:FzA5Hhd7tzUvCmxY
Malware Config
Targets
-
-
Target
0ca75c455530580b55de0a7f7c61e167_JaffaCakes118
-
Size
524KB
-
MD5
0ca75c455530580b55de0a7f7c61e167
-
SHA1
7fa5dc2db1a9a1e9cbc1edf0f4961dd0ff16f672
-
SHA256
235e0a53b55d7bf3fe9e7226beb697daf96fd9345f15519ab192f271c9bd99c9
-
SHA512
aa2e43176f686c24fdc1dbf941369770f15bdb62a678da4d40524d3c2ca695040681dcfa41a018442aec51731433bae86299f2529fae9910094a57ae49bc0bff
-
SSDEEP
12288:4+IeCjBxGMHWad7tzUyd/sCmB19yt8JgEh+p:FzA5Hhd7tzUvCmxY
Score7/10-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-