General
-
Target
29fd98538352513258ce3e227557c0e8_JaffaCakes118
-
Size
459KB
-
Sample
240707-p6v9ysvfjf
-
MD5
29fd98538352513258ce3e227557c0e8
-
SHA1
852f37b2eeed6245436a496d729b3aa7e5e14e68
-
SHA256
5c7e4b927889538272ab2f56bafa0cf9cd87973c3a388a1a9a7d2d11a0ee2071
-
SHA512
f240ec1c990fdf7ee3615e48d382e3d0422f7931e2febde458a01931d823e5335b7f2062fb705d233339df8df0ae5748032c0eede64ccf9cfd0df8c03931a8af
-
SSDEEP
12288:a3aOZZnaNk09pBKhWSzJmNoVqsd5yAi8YWeR+:a3aMZnSk09pCWSzvf4Ai8vU+
Behavioral task
behavioral1
Sample
29fd98538352513258ce3e227557c0e8_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Targets
-
-
Target
29fd98538352513258ce3e227557c0e8_JaffaCakes118
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Drops file in Drivers directory
-