General
-
Target
38c110e79f8a4927f2f27f2ef0af29d8_JaffaCakes118
-
Size
815KB
-
Sample
240711-mk638asfkq
-
MD5
38c110e79f8a4927f2f27f2ef0af29d8
-
SHA1
653f84f538eed0a050a8b389f7d27d9fb5599a36
-
SHA256
73f182dac264dbd4f58be08d0d2dc6c4afc3b4c937367bd7844d78b1d3e08f11
-
SHA512
144cdbe829239fd0555c7682b65dab075ddadf7d4c97ed2561be88c179df43bbc4ac8f9ab4f0428f32a8dd234004d021ffb4703cd98525191d7888d7e2f9347e
-
SSDEEP
12288:DmEPOxXezjdoLFynOc96E9h27parKqfrfDgPKCOB8zC2b4jZGrqFOQTXJ+tl8HqF:SU+X8j6F5p7parV/dGv4jZGrUvqx8E
Malware Config
Targets
-
-
Target
38c110e79f8a4927f2f27f2ef0af29d8_JaffaCakes118
-
Size
815KB
-
MD5
38c110e79f8a4927f2f27f2ef0af29d8
-
SHA1
653f84f538eed0a050a8b389f7d27d9fb5599a36
-
SHA256
73f182dac264dbd4f58be08d0d2dc6c4afc3b4c937367bd7844d78b1d3e08f11
-
SHA512
144cdbe829239fd0555c7682b65dab075ddadf7d4c97ed2561be88c179df43bbc4ac8f9ab4f0428f32a8dd234004d021ffb4703cd98525191d7888d7e2f9347e
-
SSDEEP
12288:DmEPOxXezjdoLFynOc96E9h27parKqfrfDgPKCOB8zC2b4jZGrqFOQTXJ+tl8HqF:SU+X8j6F5p7parV/dGv4jZGrUvqx8E
Score7/10-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-