General
Target: 4ab7f450124b7b4400bf866243d41a19_JaffaCakes118
Size: 164KB
Sample: 240729-ra3eha1fmq
MD5: 4ab7f450124b7b4400bf866243d41a19
SHA1: 37d2b935cfb5424f675aa707efc29e0a526a59f9
SHA256: 573032a583013a819dc46f1040e37506f700ddec7ac92f4292ce79a83d48c92f
SHA512: cc13ce5852f6297820f59114135f0cfbe0131a4542761b6f3a875d6ed501086257406faa31f16e1e4521d06814e1720a6abe3b270c39aeb4dc6b94a6eb71b42c
SSDEEP: 3072:bk/swoSzoh+vZ9oT8t4LYoH9KYlBe5wAAGOKRkRiYfkQdjLY1SprO:zAZ9oT8ttggYwwAcRy
Static task: static1
Behavioral task: behavioral1
Sample: 4ab7f450124b7b4400bf866243d41a19_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 4ab7f450124b7b4400bf866243d41a19_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 4ab7f450124b7b4400bf866243d41a19_JaffaCakes118
Score: 7/10
Deletes itself
Executes dropped EXE
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Loads dropped DLL
Adds Run key to start application