General
-
Target
8760a837ab6f6c038dffc7d275f5853c_JaffaCakes118
-
Size
332KB
-
Sample
240810-yaastaydrf
-
MD5
8760a837ab6f6c038dffc7d275f5853c
-
SHA1
18323dac0a42373d45106d2ffa1fb035c441bb35
-
SHA256
3395dd812bced5c0d0cb4d4c6f70950ec6ecdc4a6b630c27fc6fad4ad06bc29f
-
SHA512
8e761526b0c4359c97c3f6a2b4a2432044bae163a7d612cf75bc102abd84225224b169cbee80dbf5484a8cdb8a3e6bb445674626d9d90d0a6bf7b42ec5b35dc8
-
SSDEEP
768:45OZbeObAo07eAsjQGaa7X/lq898i5/FFUt9cpwwJAEK+S9jdwM4TIIiKoY9tDwX:HlhNHR90W2M5cm36Y9DRHwPVI9sV
Malware Config
Targets
-
-
Target
8760a837ab6f6c038dffc7d275f5853c_JaffaCakes118
-
Size
332KB
-
MD5
8760a837ab6f6c038dffc7d275f5853c
-
SHA1
18323dac0a42373d45106d2ffa1fb035c441bb35
-
SHA256
3395dd812bced5c0d0cb4d4c6f70950ec6ecdc4a6b630c27fc6fad4ad06bc29f
-
SHA512
8e761526b0c4359c97c3f6a2b4a2432044bae163a7d612cf75bc102abd84225224b169cbee80dbf5484a8cdb8a3e6bb445674626d9d90d0a6bf7b42ec5b35dc8
-
SSDEEP
768:45OZbeObAo07eAsjQGaa7X/lq898i5/FFUt9cpwwJAEK+S9jdwM4TIIiKoY9tDwX:HlhNHR90W2M5cm36Y9DRHwPVI9sV
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-