General
-
Target
94ef03fda5fffac2cfcaaeb625a24c5d_JaffaCakes118
-
Size
1.3MB
-
Sample
240813-13ptjstcpr
-
MD5
94ef03fda5fffac2cfcaaeb625a24c5d
-
SHA1
eaf188df097ed29921de4ad3ddad020758107a47
-
SHA256
6fea44a214a531d1c6c6387e107724f35e94d2f95fb95021300ca1977951f166
-
SHA512
38272e0330c42b3f627953c61a6f97884d0d46ed76b9e8235037b8a67ff312a5c312239c36c349b9ed5d1fb2bfde3ffea5a370ab8e52307600be2d175ce06134
-
SSDEEP
24576:H4vtfRaC5I81S0p0F1L8FQq3ks/By5wYaQDy6KnHa8bmSnlMHEDbC:H4vtfR95IKmF1L8FQqx05OpH9N20C
Static task
static1
Behavioral task
behavioral1
Sample
94ef03fda5fffac2cfcaaeb625a24c5d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
94ef03fda5fffac2cfcaaeb625a24c5d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
94ef03fda5fffac2cfcaaeb625a24c5d_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-