General
-
Target
083f96c88c4cca378204ec120009edf1_JaffaCakes118
-
Size
430KB
-
Sample
241002-btr5watgla
-
MD5
083f96c88c4cca378204ec120009edf1
-
SHA1
0a9d745b2e9a3f00608ddc1e9d33b267ae54607b
-
SHA256
3804dda68537ff8a5436dc878c8617f3b38f083d157d0411cf78bde506d74abc
-
SHA512
efb60f23284971c761ea2e5a5126367642078ab9660c21a2b98b3f705cde3d6cf06ec7e5047a0ef600b29dac99304ad161ecc8476894a7d0e11bd0f7974f9ee8
-
SSDEEP
6144:CndkxR6wxuayDWfLSwIgzIAkxzkkMPDJxs3bjrB5NA1A1xYQYUuyeiObMUIgJA4b:idsEwxQt/kkxoDJWPrDii9e8UvgLFY/F
Malware Config
Targets
-
-
Target
083f96c88c4cca378204ec120009edf1_JaffaCakes118
-
Size
430KB
-
MD5
083f96c88c4cca378204ec120009edf1
-
SHA1
0a9d745b2e9a3f00608ddc1e9d33b267ae54607b
-
SHA256
3804dda68537ff8a5436dc878c8617f3b38f083d157d0411cf78bde506d74abc
-
SHA512
efb60f23284971c761ea2e5a5126367642078ab9660c21a2b98b3f705cde3d6cf06ec7e5047a0ef600b29dac99304ad161ecc8476894a7d0e11bd0f7974f9ee8
-
SSDEEP
6144:CndkxR6wxuayDWfLSwIgzIAkxzkkMPDJxs3bjrB5NA1A1xYQYUuyeiObMUIgJA4b:idsEwxQt/kkxoDJWPrDii9e8UvgLFY/F
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-