General
-
Target
40a00ba5605df8bbaa13cdba529de522_JaffaCakes118
-
Size
81KB
-
Sample
240713-hm8mlssfkg
-
MD5
40a00ba5605df8bbaa13cdba529de522
-
SHA1
3c00223dcbafd95a9c548b9a98a9e615aef2e4f8
-
SHA256
e26bc00aac2d0dcb538d75f695917236f114f91b5a99ace5a838aec1661e5a7f
-
SHA512
266ae8be2a85eca8c3c26654fc749bc9b298e83763a89fa63a0aa658b3d4655dc343e759481f3c2da8e3bf3fb14a33191e6d4076a0e71676236b85af50d964ea
-
SSDEEP
1536:h9bx7QcYZ+7z90ueaGs/uHgrlcP4H7Ey66dkgrD9j0nfLZN4WZyhXaXK1o:rdAGz90ueaGs/uHAcPLykgrxq9IaXK1o
Static task
static1
Behavioral task
behavioral1
Sample
40a00ba5605df8bbaa13cdba529de522_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: [email protected]
Password: motorolka
Targets
-
-
Target
40a00ba5605df8bbaa13cdba529de522_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-