General
-
Target
16ed0114ef6ec11a5ce7ae23588dfab9_JaffaCakes118
-
Size
320KB
-
Sample
240627-wc5pvsvcrm
-
MD5
16ed0114ef6ec11a5ce7ae23588dfab9
-
SHA1
0c09540c9abd87af9c6b90e4d432b56740e30bd8
-
SHA256
3f418812137261ec0e3677a881c5617396e8a8689457c7afb02f06b1d731b21a
-
SHA512
0b393213856e73025d9bb0bdb0df56c8341b890b04e6c05bce20fe6abc610ba42f5033f26c0747cbcaf626d8fc9786767320f0e066ee0b1436842983bbc781de
-
SSDEEP
6144:PqtdkW7XaUTrgHyt1hmbPa4WpYR90MEKzrUX3Uz6AZDWGuxLir:MZs+1QbPa4WKR90MEKz/a0r
Malware Config
Targets
-
-
Target
16ed0114ef6ec11a5ce7ae23588dfab9_JaffaCakes118
-
Size
320KB
-
MD5
16ed0114ef6ec11a5ce7ae23588dfab9
-
SHA1
0c09540c9abd87af9c6b90e4d432b56740e30bd8
-
SHA256
3f418812137261ec0e3677a881c5617396e8a8689457c7afb02f06b1d731b21a
-
SHA512
0b393213856e73025d9bb0bdb0df56c8341b890b04e6c05bce20fe6abc610ba42f5033f26c0747cbcaf626d8fc9786767320f0e066ee0b1436842983bbc781de
-
SSDEEP
6144:PqtdkW7XaUTrgHyt1hmbPa4WpYR90MEKzrUX3Uz6AZDWGuxLir:MZs+1QbPa4WKR90MEKz/a0r
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-