General
-
Target
11529237f5ce62c8d17fb860d384637a_JaffaCakes118
-
Size
249KB
-
Sample
241004-b6hrzaxgkj
-
MD5
11529237f5ce62c8d17fb860d384637a
-
SHA1
c29e129fa42845b72a91914e70d32e98c7a1b082
-
SHA256
c7edba52213db930f054824a2687b9cabf51d3da14b69897a97f4918588a7e4b
-
SHA512
5ad808c196ace023d7348d309b996a31c3cbf665849191639cc27bd514bbff158f4bd22c70062743038be05bdff96d3c5dbf41f08a82b996385062ffb405bf6b
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s58Mzi2V9G0rRLCSChoAWkw:h1OgLdaO8M31VzChoP
Malware Config
Targets
-
-
Target
11529237f5ce62c8d17fb860d384637a_JaffaCakes118
-
Size
249KB
-
MD5
11529237f5ce62c8d17fb860d384637a
-
SHA1
c29e129fa42845b72a91914e70d32e98c7a1b082
-
SHA256
c7edba52213db930f054824a2687b9cabf51d3da14b69897a97f4918588a7e4b
-
SHA512
5ad808c196ace023d7348d309b996a31c3cbf665849191639cc27bd514bbff158f4bd22c70062743038be05bdff96d3c5dbf41f08a82b996385062ffb405bf6b
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s58Mzi2V9G0rRLCSChoAWkw:h1OgLdaO8M31VzChoP
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-