General

  • Target

    e199cdbeba711df6dfd1960b9b868440_JaffaCakes118

  • Size

    56KB

  • Sample

    240915-dtdctstaqk

  • MD5

    e199cdbeba711df6dfd1960b9b868440

  • SHA1

    6c9939c0ab7d3cfc6a01173825c009b2dd790cec

  • SHA256

    519519a70e3666eaad9b52a9279b492da69acfef43926eb95f05207697515480

  • SHA512

    83811a35c313a5a14940bd01a0289d6b5261ba22cf76a10d1ca96dccd8b27f56b298d35436fda99e6431dfb8ef0c9058cbda44eaabedfaf631524058efee47a3

  • SSDEEP

    768:4GjHnFaKI4mKqgpdjSpdADd8msJ15nodU+d8fmpACZFA6WJw31W6yjBgJLsv:4GjnFaKVtRSSjY5uD8faFYc8eJAv

Malware Config

Extracted

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.gmail.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    youyou95

Targets

    • Target

      e199cdbeba711df6dfd1960b9b868440_JaffaCakes118

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copy of, a web browser credential store.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
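
The behaviours listed above, together with the SMTP endpoint in the extracted credentials block, as a worked detection example added here (it is not the sandbox's own signature logic): a small Python triage routine run over a constructed, Sysmon-like event trace that flags the geofence registry lookup, execution of a file the sample itself dropped, a non-browser process reading a browser credential store, and a non-mail-client connection to the SMTP host and port taken from the report's extracted config. The event field names, process paths and the trace itself are assumptions made for the example, not data from the report; the browser store filenames and the registry location are the well-known defaults.

```python
"""Added example for this report (not the sandbox's own detection code):
flag, from constructed host telemetry, the behaviours the report lists and
the SMTP exfiltration endpoint it extracted.

Assumptions: the event dicts use field names of our own choosing (type,
image, path, dst_host, dst_port), loosely modelled on Sysmon, not a real
log schema. For proc_create events, `image` is the parent and `path` the
new process image; for every other type, `image` is the acting process.
"""
import re
from collections import defaultdict

# Browser credential stores that infostealers copy: Chromium "Login Data",
# Firefox key4.db / logins.json. Matched on the filename, case-insensitively.
BROWSER_CRED_STORES = re.compile(
    r"\\(Login Data|key4\.db|logins\.json)$", re.IGNORECASE)

# Registry value read to learn the machine's configured country
# (the report's "Checks computer location settings" behaviour).
GEO_NATION = re.compile(
    r"\\Control Panel\\International\\Geo\\Nation$", re.IGNORECASE)

# Exfiltration endpoint from this sample's extracted credentials block.
EXFIL_SMTP = ("smtp.gmail.com", 587)

# Processes that legitimately touch their own stores / speak SMTP.
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}


def _name(image):
    """Basename of a Windows image path, lower-cased."""
    return image.rsplit("\\", 1)[-1].lower()


def triage(events):
    """Return (process, behaviour, evidence) tuples for suspicious events."""
    dropped = defaultdict(set)   # acting image -> paths it has written
    hits = []
    for e in events:
        proc = _name(e["image"])
        kind = e["type"]
        if kind == "file_create":
            dropped[e["image"]].add(e["path"].lower())
        elif kind == "proc_create":
            # Executes dropped EXE: the child image was written earlier in
            # this trace by the same parent.
            if e["path"].lower() in dropped.get(e["image"], ()):
                hits.append((proc, "Executes dropped EXE", e["path"]))
        elif kind == "file_read":
            if BROWSER_CRED_STORES.search(e["path"]) and proc not in BROWSERS:
                hits.append((proc, "Reads user/profile data of web browsers",
                             e["path"]))
        elif kind == "reg_query":
            if GEO_NATION.search(e["path"]):
                hits.append((proc, "Checks computer location settings",
                             e["path"]))
        elif kind == "net_connect":
            dst = (e["dst_host"].lower(), e["dst_port"])
            if dst == EXFIL_SMTP and proc not in MAIL_CLIENTS:
                hits.append((proc, "SMTP submission to extracted exfil host",
                             f"{dst[0]}:{dst[1]}"))
    return hits


# Constructed trace for the example; paths and filenames are assumptions.
SAMPLE = r"C:\Users\victim\Downloads\e199cdbeba711df6dfd1960b9b868440_JaffaCakes118.exe"
DROPPED = r"C:\Users\victim\AppData\Local\Temp\dropped.exe"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
OUTLOOK = r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE"
LOGIN_DATA = r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"

SAMPLE_EVENTS = [
    {"type": "reg_query", "image": SAMPLE,
     "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "file_create", "image": SAMPLE, "path": DROPPED},
    {"type": "proc_create", "image": SAMPLE, "path": DROPPED},
    {"type": "file_read", "image": DROPPED, "path": LOGIN_DATA},
    {"type": "file_read", "image": CHROME, "path": LOGIN_DATA},    # benign
    {"type": "net_connect", "image": DROPPED,
     "dst_host": "smtp.gmail.com", "dst_port": 587},
    {"type": "net_connect", "image": OUTLOOK,
     "dst_host": "smtp.gmail.com", "dst_port": 587},                # benign
]

if __name__ == "__main__":
    for proc, behaviour, evidence in triage(SAMPLE_EVENTS):
        print(f"{proc}: {behaviour} ({evidence})")
```

The allow-lists are deliberately narrow: the question a responder asks is not "was smtp.gmail.com:587 contacted" but "which process contacted it", and the same applies to reads of a browser's Login Data. The dropped-EXE check keeps state across events, so the trace must be fed in order.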
