General
-
Target
a2fe38df3f566c83f0b28ecfa9162d2c_JaffaCakes118
-
Size
139KB
-
Sample
240817-sbynda1fnd
-
MD5
a2fe38df3f566c83f0b28ecfa9162d2c
-
SHA1
beaa336f2f16dedacdbf33c4960ae8845370009a
-
SHA256
50db968c194b368c96f2cdd5b37a98dc8e138c6328a01b1061bc127b54cfbe95
-
SHA512
ab49e00fb0aebcc5bc3555652ffe268d1c61c26e7b6dc10d500bc24c34ea21ba643543ce96c677e287867a774680ca5944d2c76c7df6940b5023f58843d3f4c0
-
SSDEEP
3072:tRdvg3l89QgGfOOQ0zXg7H81jpgVe5anC6hRXIXG:to3l8EfOWzY8lr5QC
Malware Config
Targets
-
-
Target
a2fe38df3f566c83f0b28ecfa9162d2c_JaffaCakes118
-
Size
139KB
-
MD5
a2fe38df3f566c83f0b28ecfa9162d2c
-
SHA1
beaa336f2f16dedacdbf33c4960ae8845370009a
-
SHA256
50db968c194b368c96f2cdd5b37a98dc8e138c6328a01b1061bc127b54cfbe95
-
SHA512
ab49e00fb0aebcc5bc3555652ffe268d1c61c26e7b6dc10d500bc24c34ea21ba643543ce96c677e287867a774680ca5944d2c76c7df6940b5023f58843d3f4c0
-
SSDEEP
3072:tRdvg3l89QgGfOOQ0zXg7H81jpgVe5anC6hRXIXG:to3l8EfOWzY8lr5QC
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Growtopia
Growtopa is an opensource modular stealer written in C#.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-