General
-
Target
616dd8445a7667aef37ec4922fc49afc_JaffaCakes118
-
Size
191KB
-
Sample
240721-z4hwysxdlr
-
MD5
616dd8445a7667aef37ec4922fc49afc
-
SHA1
dd3ed9429a39620683704315491f3652717c547c
-
SHA256
163dcf9cc993313b73d77a59c2d77546c1ee5772e238f5beb2bb9a4754b5bf66
-
SHA512
72f1670de021ca1690ace61ee72f41ae7939a6aba89df084f625876e7712a48e9c483f2aae2838f504042b5d809d3cd85615d60dbc0bead0bf9c4d0d590e905e
-
SSDEEP
3072:X2WwClXMPvigKs4pkuVlxF5GWp1icKAArDZz4N9GhbkrNEk1Lz8VEHL6Cn:GWwCl8PaBsyVTp0yN90QEPQL6C
Malware Config
Targets
-
-
Target
616dd8445a7667aef37ec4922fc49afc_JaffaCakes118
-
Size
191KB
-
MD5
616dd8445a7667aef37ec4922fc49afc
-
SHA1
dd3ed9429a39620683704315491f3652717c547c
-
SHA256
163dcf9cc993313b73d77a59c2d77546c1ee5772e238f5beb2bb9a4754b5bf66
-
SHA512
72f1670de021ca1690ace61ee72f41ae7939a6aba89df084f625876e7712a48e9c483f2aae2838f504042b5d809d3cd85615d60dbc0bead0bf9c4d0d590e905e
-
SSDEEP
3072:X2WwClXMPvigKs4pkuVlxF5GWp1icKAArDZz4N9GhbkrNEk1Lz8VEHL6Cn:GWwCl8PaBsyVTp0yN90QEPQL6C
Score7/10-
Executes dropped EXE
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-