General
-
Target
3bac0b83c9fd724969bcd5fd5ff3a979_JaffaCakes118
-
Size
814KB
-
Sample
240712-czpglsxdrh
-
MD5
3bac0b83c9fd724969bcd5fd5ff3a979
-
SHA1
e0d32ed0d7b73c121afd0e5c2f221aa5f666edc3
-
SHA256
3c32d3ebda1973b93812fcee6eacbbb72bab64bc07be5e7e2b1f1e36b66f81a8
-
SHA512
e33184216467817c9b5be4e3cb4f0e63bfb5d49cd2ab9193da24e79add9e1f4730982b6d4964df170747c5039ff7c83cc4f492fab0a21f27ec9dba437f926921
-
SSDEEP
12288:peZngVCTCp5jjEF9VF7uZa8xbqwW8ciwTQlE4ncM4PUaLYKzhzVzcpSw0Az3:pGHO83a0BBQlE4niU0YKlzVwsVAz3
Malware Config
Targets
-
-
Target
3bac0b83c9fd724969bcd5fd5ff3a979_JaffaCakes118
-
Size
814KB
-
MD5
3bac0b83c9fd724969bcd5fd5ff3a979
-
SHA1
e0d32ed0d7b73c121afd0e5c2f221aa5f666edc3
-
SHA256
3c32d3ebda1973b93812fcee6eacbbb72bab64bc07be5e7e2b1f1e36b66f81a8
-
SHA512
e33184216467817c9b5be4e3cb4f0e63bfb5d49cd2ab9193da24e79add9e1f4730982b6d4964df170747c5039ff7c83cc4f492fab0a21f27ec9dba437f926921
-
SSDEEP
12288:peZngVCTCp5jjEF9VF7uZa8xbqwW8ciwTQlE4ncM4PUaLYKzhzVzcpSw0Az3:pGHO83a0BBQlE4niU0YKlzVwsVAz3
Score7/10-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-