General
-
Target
75eb60449fe765cd7bd5553ca1719dec_JaffaCakes118
-
Size
1.0MB
-
Sample
240726-11a8da1cqf
-
MD5
75eb60449fe765cd7bd5553ca1719dec
-
SHA1
05224fb241f8609e61ba4ab560fd2fe4bdc8b94d
-
SHA256
6088c319cc7662df5fcf432bb5d676ee586daaf8cea06e2e715689f2e7c3a0fc
-
SHA512
92ec4592fb7a23c98ac5111b382f91c12e44cd8029fb5d5c014eb65ce4f94a090093556d0c2f5985d7abbf343a0e22446e8694f2827c0718986e84d9fbacaf98
-
SSDEEP
24576:ZXaUGPlZDV2ViMo74BVJPUMO9JYXuPgq+sVBSI5YgRPNuR:ZsfBezUMlXqgNsnA
Malware Config
Targets
-
-
Target
75eb60449fe765cd7bd5553ca1719dec_JaffaCakes118
-
Size
1.0MB
-
MD5
75eb60449fe765cd7bd5553ca1719dec
-
SHA1
05224fb241f8609e61ba4ab560fd2fe4bdc8b94d
-
SHA256
6088c319cc7662df5fcf432bb5d676ee586daaf8cea06e2e715689f2e7c3a0fc
-
SHA512
92ec4592fb7a23c98ac5111b382f91c12e44cd8029fb5d5c014eb65ce4f94a090093556d0c2f5985d7abbf343a0e22446e8694f2827c0718986e84d9fbacaf98
-
SSDEEP
24576:ZXaUGPlZDV2ViMo74BVJPUMO9JYXuPgq+sVBSI5YgRPNuR:ZsfBezUMlXqgNsnA
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-