Extracted

• • Target

    0e44ebdd90e7ff4a8bd81f0dff6198b1_JaffaCakes118

  • Size

    371KB

  • MD5

    0e44ebdd90e7ff4a8bd81f0dff6198b1

  • SHA1

    c51028c2a0b2e120b552f29a4bf91a945ed0d64f

  • SHA256

    afe8f471e709030ac7d934e1dbe4760318c426a979b2a674939d59789cf12bc1

  • SHA512

    a47c299d3384cecf13de4b2310932540de33c45d288b688d30af236a0d2591cb1e02661ec44d23c64298fa4d72ddd022af88e648946fe1eef3f8786bbeb61481

  • SSDEEP

    6144:KWlOABZeO3au2bLpXWdCn7p7DdVr1gmImu3kr1jtCGT7AqLKVt8xijgSFDE+:KW8EZ93aBLpXaqhRXgw5Cw8VtDjv9b

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2