General
-
Target
cece0fe671dc68adca2dd9a4b6c2ef79_JaffaCakes118
-
Size
398KB
-
Sample
240906-gfjjgayhpr
-
MD5
cece0fe671dc68adca2dd9a4b6c2ef79
-
SHA1
ec2a60d4a594787e307ae2aa4e8e578d334d73f6
-
SHA256
5fdceb453b013cd241657e10b61f20bd3c1433d39ae8c8927fcf33c1928997a6
-
SHA512
2a38160aff2537261b31b9ebaab467a035fb52c2f41f598565e4703ba0332667169614f24a8c1617fd5a27499b0db51a646ec10faa409c319f26dbbdd8d5680a
-
SSDEEP
6144:Qa+mOBCVIdVqZ4JXw7piNblcxwNNGhi6nHTpZxgke/0YttLd9F9GMSo3:APBCVITqZ97piZlVGhhPkftdSo
Malware Config
Targets
-
-
Target
cece0fe671dc68adca2dd9a4b6c2ef79_JaffaCakes118
-
Size
398KB
-
MD5
cece0fe671dc68adca2dd9a4b6c2ef79
-
SHA1
ec2a60d4a594787e307ae2aa4e8e578d334d73f6
-
SHA256
5fdceb453b013cd241657e10b61f20bd3c1433d39ae8c8927fcf33c1928997a6
-
SHA512
2a38160aff2537261b31b9ebaab467a035fb52c2f41f598565e4703ba0332667169614f24a8c1617fd5a27499b0db51a646ec10faa409c319f26dbbdd8d5680a
-
SSDEEP
6144:Qa+mOBCVIdVqZ4JXw7piNblcxwNNGhi6nHTpZxgke/0YttLd9F9GMSo3:APBCVITqZ97piZlVGhhPkftdSo
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Suspicious use of SetThreadContext
-