General
-
Target
85cfa171acd737a81dd41e820b0568b5_JaffaCakes118
-
Size
1.2MB
-
Sample
240810-m4y7qawfml
-
MD5
85cfa171acd737a81dd41e820b0568b5
-
SHA1
963c7d7de8189801add7d1865c43ccec0f1f75bd
-
SHA256
e2611e59bdbe1d8ad65ff0a65888a72a2793bfe1c3f06e0643c8c74bd980b36b
-
SHA512
0f5ddba20cb7997115dc15e696f16fb761fd8e20d3f22a96bf6e579e46532a15b26d72a566edfe4f290e399f72998bb454468cb52fca6455bc61e64e41a64199
-
SSDEEP
24576:kpQN0dUo06gV4WOUGMWpsbGESKeRXlTzcSD0U4HCicHq5NO3sXJK1xrU:kw0n06ySpsbGVT0xHzLi3sXJEpU
Malware Config
Targets
-
-
Target
85cfa171acd737a81dd41e820b0568b5_JaffaCakes118
-
Size
1.2MB
-
MD5
85cfa171acd737a81dd41e820b0568b5
-
SHA1
963c7d7de8189801add7d1865c43ccec0f1f75bd
-
SHA256
e2611e59bdbe1d8ad65ff0a65888a72a2793bfe1c3f06e0643c8c74bd980b36b
-
SHA512
0f5ddba20cb7997115dc15e696f16fb761fd8e20d3f22a96bf6e579e46532a15b26d72a566edfe4f290e399f72998bb454468cb52fca6455bc61e64e41a64199
-
SSDEEP
24576:kpQN0dUo06gV4WOUGMWpsbGESKeRXlTzcSD0U4HCicHq5NO3sXJK1xrU:kw0n06ySpsbGVT0xHzLi3sXJEpU
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Suspicious use of SetThreadContext
-