General
-
Target
4805b88f4c87163118d68fe0dc907cd3_JaffaCakes118
-
Size
492KB
-
Sample
240715-d2fsxsydqd
-
MD5
4805b88f4c87163118d68fe0dc907cd3
-
SHA1
c4e0be4d30474c738f55071a1dfe1ead2419682d
-
SHA256
95cd1431f64c2920485fe550b2037b7d7c75f5bfb3c4cceb6715adf37b9f55ed
-
SHA512
9fdec81bf2b063725f027602bdd97dd2290945e64055f103d58548d2228e7eee2848b23c549b3c015f54bb9c056fc654cfaf46f7a375cc49a7b804ec28007faa
-
SSDEEP
6144:0p+zrjMeETBYxscJBmVgfcqc7WfulW+omFkEUS1guBVrJ/qLl5rbjoFyhC15iezB:AeETBY2cJBm7vi/mFkw1gMV1/O4
Malware Config
Targets
-
-
Target
4805b88f4c87163118d68fe0dc907cd3_JaffaCakes118
-
Size
492KB
-
MD5
4805b88f4c87163118d68fe0dc907cd3
-
SHA1
c4e0be4d30474c738f55071a1dfe1ead2419682d
-
SHA256
95cd1431f64c2920485fe550b2037b7d7c75f5bfb3c4cceb6715adf37b9f55ed
-
SHA512
9fdec81bf2b063725f027602bdd97dd2290945e64055f103d58548d2228e7eee2848b23c549b3c015f54bb9c056fc654cfaf46f7a375cc49a7b804ec28007faa
-
SSDEEP
6144:0p+zrjMeETBYxscJBmVgfcqc7WfulW+omFkEUS1guBVrJ/qLl5rbjoFyhC15iezB:AeETBY2cJBm7vi/mFkw1gMV1/O4
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-