General
-
Target
1525ca05d6cd7b4d42fc0c5da09865d2_JaffaCakes118
-
Size
255KB
-
Sample
241004-2e3k6szdnm
-
MD5
1525ca05d6cd7b4d42fc0c5da09865d2
-
SHA1
f4b7bdb81ce56300ded5a9fa2e00862962a600b1
-
SHA256
b26a6b3a14460aca11b172d892972317d9d5bae8b5f9f0ca703ab74fc7309e71
-
SHA512
e2711bb0a4acde51ebf5a5f8cb3bb717f8f911f9b1aa1fac7f4242d5088ad68d2638f5ac0f187ab41433ef3d0d863b19fbbb975302d6585fd0976ac27736e22c
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5q8I7nWPwjoJhBtwJDp:h1OgLdaOMnqBOP
Malware Config
Targets
-
-
Target
1525ca05d6cd7b4d42fc0c5da09865d2_JaffaCakes118
-
Size
255KB
-
MD5
1525ca05d6cd7b4d42fc0c5da09865d2
-
SHA1
f4b7bdb81ce56300ded5a9fa2e00862962a600b1
-
SHA256
b26a6b3a14460aca11b172d892972317d9d5bae8b5f9f0ca703ab74fc7309e71
-
SHA512
e2711bb0a4acde51ebf5a5f8cb3bb717f8f911f9b1aa1fac7f4242d5088ad68d2638f5ac0f187ab41433ef3d0d863b19fbbb975302d6585fd0976ac27736e22c
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5q8I7nWPwjoJhBtwJDp:h1OgLdaOMnqBOP
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-