General
-
Target
0df8474247fccd7478205bcbcbce4cfe_JaffaCakes118
-
Size
255KB
-
Sample
241003-fby8payfjd
-
MD5
0df8474247fccd7478205bcbcbce4cfe
-
SHA1
be5fe75421117ed5179877e2bfcb8c660223447f
-
SHA256
6a60a916b78acb39f8c3e20684baf32901a422bc17a332a403c0671543de4a0b
-
SHA512
f89365a999f4455aa386e3422758631bdcdf13c9ff9a0a4ad1a55289beea2c77471e0a1745f31c890d1ce585a820c0fd5dc7a9ad7d23cdd3ec11a290511c576f
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5FObOCFFw0UcPR1:h1OgLdaOFOqCFFxUcPj
Malware Config
Targets
-
-
Target
0df8474247fccd7478205bcbcbce4cfe_JaffaCakes118
-
Size
255KB
-
MD5
0df8474247fccd7478205bcbcbce4cfe
-
SHA1
be5fe75421117ed5179877e2bfcb8c660223447f
-
SHA256
6a60a916b78acb39f8c3e20684baf32901a422bc17a332a403c0671543de4a0b
-
SHA512
f89365a999f4455aa386e3422758631bdcdf13c9ff9a0a4ad1a55289beea2c77471e0a1745f31c890d1ce585a820c0fd5dc7a9ad7d23cdd3ec11a290511c576f
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5FObOCFFw0UcPR1:h1OgLdaOFOqCFFxUcPj
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-