General
-
Target
25ff4bc25c23468a911d2990a6aaefa5_JaffaCakes118
-
Size
828KB
-
Sample
240704-x89jcsxdpa
-
MD5
25ff4bc25c23468a911d2990a6aaefa5
-
SHA1
061423db86b71f9c8acdd975d3eeb291d50ce9bb
-
SHA256
eda0f6957ca0fde8313fe7b105feebbaaf485895a215f9b2841ee2e131c2d1f8
-
SHA512
02973c11054ff038aa0d0970c84bab2cc586eff66288fc256ae0fc897ec38e4bb51582989d07e2588b3edd3e92c56ca31c466a8ffe9d57bc5298ff1793f1f7cf
-
SSDEEP
24576:uohPYM+iMtSYnP9phFEW6nFIb0mlZkCWLl:ngizYn1PF7EFIwmOh
Malware Config
Targets
-
-
Target
25ff4bc25c23468a911d2990a6aaefa5_JaffaCakes118
-
Size
828KB
-
MD5
25ff4bc25c23468a911d2990a6aaefa5
-
SHA1
061423db86b71f9c8acdd975d3eeb291d50ce9bb
-
SHA256
eda0f6957ca0fde8313fe7b105feebbaaf485895a215f9b2841ee2e131c2d1f8
-
SHA512
02973c11054ff038aa0d0970c84bab2cc586eff66288fc256ae0fc897ec38e4bb51582989d07e2588b3edd3e92c56ca31c466a8ffe9d57bc5298ff1793f1f7cf
-
SSDEEP
24576:uohPYM+iMtSYnP9phFEW6nFIb0mlZkCWLl:ngizYn1PF7EFIwmOh
Score7/10-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-