General
-
Target
84198e422a176a3d3d949e834d6847e7_JaffaCakes118
-
Size
336KB
-
Sample
240810-afpxxswenr
-
MD5
84198e422a176a3d3d949e834d6847e7
-
SHA1
a1e716fb1d40b322ea3121ffcfadb62491ec6010
-
SHA256
1ccc871ef6a00bd3993ce8b9e3f70045c0022aa9b4a03c61faa3dc75979e61ac
-
SHA512
5156dbd8509a787fcab6f9b63a2aca1db98a0b50a9bcdc13c584ef2cb512fc90c8356545bb6bbc5e5dfb086e69490f60e0911c7386eb6fd0c2cd53966008d4a2
-
SSDEEP
6144:M7LdlbxFlRg3tx6Uu8Rhv4DfmX9+xykuHm5TZKw9lprPbDJ0wBD07oS9pdzK8AxK:adlbrg3tYUuahA6X95kuG5TZKw9DrP3e
Malware Config
Targets
-
-
Target
84198e422a176a3d3d949e834d6847e7_JaffaCakes118
-
Size
336KB
-
MD5
84198e422a176a3d3d949e834d6847e7
-
SHA1
a1e716fb1d40b322ea3121ffcfadb62491ec6010
-
SHA256
1ccc871ef6a00bd3993ce8b9e3f70045c0022aa9b4a03c61faa3dc75979e61ac
-
SHA512
5156dbd8509a787fcab6f9b63a2aca1db98a0b50a9bcdc13c584ef2cb512fc90c8356545bb6bbc5e5dfb086e69490f60e0911c7386eb6fd0c2cd53966008d4a2
-
SSDEEP
6144:M7LdlbxFlRg3tx6Uu8Rhv4DfmX9+xykuHm5TZKw9lprPbDJ0wBD07oS9pdzK8AxK:adlbrg3tYUuahA6X95kuG5TZKw9DrP3e
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-