General
-
Target
489d3f9889ba512c61485e95d0ea35f1_JaffaCakes118
-
Size
865KB
-
Sample
240715-g9rryavhkg
-
MD5
489d3f9889ba512c61485e95d0ea35f1
-
SHA1
38a7f3815d95bd566eeb5d007cedce9f6e3da57b
-
SHA256
6f1f002e1e65a05f4f8150f9cc32653a58fcbaed7641b8a7ff0ccab661cac134
-
SHA512
287c24de8eb84af58f68a4b1ceef071ff141fbb4d942ac720ae5a2fa67aea884879e090d7bd34f71c1198c140eb2bb57eadb59a1178e97a31657ad91f307aaad
-
SSDEEP
24576:202W0LdOhOHqUE5MmKoWtFLQmD1ni26HdjBQEql:D2W0LdOhMqUEZKoWtJYHNB1q
Malware Config
Targets
-
-
Target
489d3f9889ba512c61485e95d0ea35f1_JaffaCakes118
-
Size
865KB
-
MD5
489d3f9889ba512c61485e95d0ea35f1
-
SHA1
38a7f3815d95bd566eeb5d007cedce9f6e3da57b
-
SHA256
6f1f002e1e65a05f4f8150f9cc32653a58fcbaed7641b8a7ff0ccab661cac134
-
SHA512
287c24de8eb84af58f68a4b1ceef071ff141fbb4d942ac720ae5a2fa67aea884879e090d7bd34f71c1198c140eb2bb57eadb59a1178e97a31657ad91f307aaad
-
SSDEEP
24576:202W0LdOhOHqUE5MmKoWtFLQmD1ni26HdjBQEql:D2W0LdOhMqUEZKoWtJYHNB1q
Score7/10-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-