General
-
Target
12ca2f698cb30d22db5a3d5536cc4cdf_JaffaCakes118
-
Size
255KB
-
Sample
241004-ljbegs1cna
-
MD5
12ca2f698cb30d22db5a3d5536cc4cdf
-
SHA1
a2d14fa3fcdd08c84e65f44fc0f59283c4b39811
-
SHA256
675bd21d408862d14a4feba845c8f5300b72ccb5ffc820e3083093ec65d82cf1
-
SHA512
0a5e6f19fb374ef15ae92f9279fd3fbe1136387eb5744e92e67a409b0a53512240ea26db912fb7c5e0d8844d50379036f296895a1ff6dc38ee05a4029bbd533b
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5ZTqcHNp11xJ/YOUy0D9:h1OgLdaOLH/1/pq9
Malware Config
Targets
-
-
Target
12ca2f698cb30d22db5a3d5536cc4cdf_JaffaCakes118
-
Size
255KB
-
MD5
12ca2f698cb30d22db5a3d5536cc4cdf
-
SHA1
a2d14fa3fcdd08c84e65f44fc0f59283c4b39811
-
SHA256
675bd21d408862d14a4feba845c8f5300b72ccb5ffc820e3083093ec65d82cf1
-
SHA512
0a5e6f19fb374ef15ae92f9279fd3fbe1136387eb5744e92e67a409b0a53512240ea26db912fb7c5e0d8844d50379036f296895a1ff6dc38ee05a4029bbd533b
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5ZTqcHNp11xJ/YOUy0D9:h1OgLdaOLH/1/pq9
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-