Extracted

• • Target

    280a0d8dfd3db1c96e5bdfddd9d0c5d0_JaffaCakes118

  • Size

    4.1MB

  • MD5

    280a0d8dfd3db1c96e5bdfddd9d0c5d0

  • SHA1

    dc557eb4bdf628a1ac7b41ff1c6ceb18c620e374

  • SHA256

    f0c26ef9e345f719c8ba18801eaee491ab578bcbf85bff4180a65b10d861e074

  • SHA512

    59131206574fc7f05d709d21e563ff88076dd990d539a2820d9d31ddae8dee015ea7dfab4e057079e4457c0ad7cefddf1e6fa8db86a5f3b3a19df43b5d99ab5b

  • SSDEEP

    1536:BOghaZcYZqJC3xdTNC9dhoh8SHsNqJH25UzX/gcvh1Ft0WCseXkpl:BPaZ0JKQ3hPSMNczX/r3e0

  Score

  10^/10

  credential_accessdiscoveryspywarestealer

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2