General
-
Target
bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118
-
Size
47KB
-
Sample
240823-zfsfgsveqc
-
MD5
bd136950eb3aa888ffd02e5d32ce6af1
-
SHA1
c1b3176038e37f370c5fa12c15144939fe3eb3b6
-
SHA256
fa159c13a78855dec40a5d02641825a9216e07f940e58481f518e4354e652820
-
SHA512
0f9f122a33961b7a163bcd67edeed368a4468657c9ae984135097a9ff2c096d9325f46af89bf21efda8c83d8cc90c4966fc1be2c64bdaab8289ae05d1bf25738
-
SSDEEP
768:i+ou3nE7rrFi7q7gv0FYc6SPmc4GBNQfWNQdnihea5hyKv33333f1zA:obSxSPmbGc+QhaKKv33333f1zA
Malware Config
Targets
-
-
Target
bd136950eb3aa888ffd02e5d32ce6af1_JaffaCakes118
-
Size
47KB
-
MD5
bd136950eb3aa888ffd02e5d32ce6af1
-
SHA1
c1b3176038e37f370c5fa12c15144939fe3eb3b6
-
SHA256
fa159c13a78855dec40a5d02641825a9216e07f940e58481f518e4354e652820
-
SHA512
0f9f122a33961b7a163bcd67edeed368a4468657c9ae984135097a9ff2c096d9325f46af89bf21efda8c83d8cc90c4966fc1be2c64bdaab8289ae05d1bf25738
-
SSDEEP
768:i+ou3nE7rrFi7q7gv0FYc6SPmc4GBNQfWNQdnihea5hyKv33333f1zA:obSxSPmbGc+QhaKKv33333f1zA
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-