Extracted

Extracted

Extracted

• • Target

    df81d775612d1565e5564d416420c2fd_JaffaCakes118

  • Size

    1004KB

  • MD5

    df81d775612d1565e5564d416420c2fd

  • SHA1

    49252eae3983eaa89eea12b5f5b65c5e147d3e5b

  • SHA256

    d98fd8189273e4f4fcbb8b1d5b32459b5d7adcd6eaff9efef0c32ace0fdfab0e

  • SHA512

    a20e59cff9cd30efa06a5bb5c935d119e19d74f289d22335173e64046c634c4ed2b87db5b0e774c90d87c0b34686b4a7e4a9ff8e3e9c8d56207ccc6146ff03d9

  • SSDEEP

    24576:iGVJLVwfsOmo3MYYFhSHOEIk3XWT9JZH9h:X433nYpEIkonZH9h

  Score

  10^/10

  azorultoskiraccoon8e94b823a9991735de58978b0e8609a618f8ddd3credential_accessdiscoveryinfostealerspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

  • Raccoon Stealer V1 payload

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2