General
-
Target
b5debab45197f0ad1033243df26cff3a_JaffaCakes118
-
Size
974KB
-
Sample
240822-b5kj6swbpq
-
MD5
b5debab45197f0ad1033243df26cff3a
-
SHA1
192e38c26983b18c7d3ee885a27971b36e771a08
-
SHA256
0ce8475353f07a0bf6fa201862b24cd9c5ba78699310ae8bec605e34bc6668c1
-
SHA512
990f81761f5e7f5429c9610d6fd99e788282477294fa6267b755149afafb6f69e8fc06e59bda9a9880c32509931e51b4f12496b94df1765ba6c4d214cb288129
-
SSDEEP
12288:Y1WpT9RlxLMh2gvhrC37UVjPEt/8+XIO27:JpHHwwOCYhMt/8bf7
Malware Config
Targets
-
-
Target
b5debab45197f0ad1033243df26cff3a_JaffaCakes118
-
Size
974KB
-
MD5
b5debab45197f0ad1033243df26cff3a
-
SHA1
192e38c26983b18c7d3ee885a27971b36e771a08
-
SHA256
0ce8475353f07a0bf6fa201862b24cd9c5ba78699310ae8bec605e34bc6668c1
-
SHA512
990f81761f5e7f5429c9610d6fd99e788282477294fa6267b755149afafb6f69e8fc06e59bda9a9880c32509931e51b4f12496b94df1765ba6c4d214cb288129
-
SSDEEP
12288:Y1WpT9RlxLMh2gvhrC37UVjPEt/8+XIO27:JpHHwwOCYhMt/8bf7
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-