General
-
Target
28942cecc44bdc078eab7043af5c615b_JaffaCakes118
-
Size
27KB
-
Sample
241009-b339hatgpd
-
MD5
28942cecc44bdc078eab7043af5c615b
-
SHA1
249306a66ff804bb94d76664168edfcaed91721a
-
SHA256
c9b5ba9011f83d38bd364aa0dd063a513b0661aae8718c13adba9e4b6e1fdb62
-
SHA512
0d91ef3d0bf4e3b72abb536925493437b3277d6483e767011eccd4cf43b7a3a82c081c5d0af002d9fc4f405e7202550fff6da187c2cf9429a8a6682ff225396b
-
SSDEEP
384:PDaxguFmhxu7fCYzAA7zIxoFNYEOYCScpdkWSidmF0aGzJltiBWHBVUk/a80:PD+ZCVeIuFNv9nid6HQTQYUki8
Malware Config
Targets
-
-
Target
28942cecc44bdc078eab7043af5c615b_JaffaCakes118
-
Size
27KB
-
MD5
28942cecc44bdc078eab7043af5c615b
-
SHA1
249306a66ff804bb94d76664168edfcaed91721a
-
SHA256
c9b5ba9011f83d38bd364aa0dd063a513b0661aae8718c13adba9e4b6e1fdb62
-
SHA512
0d91ef3d0bf4e3b72abb536925493437b3277d6483e767011eccd4cf43b7a3a82c081c5d0af002d9fc4f405e7202550fff6da187c2cf9429a8a6682ff225396b
-
SSDEEP
384:PDaxguFmhxu7fCYzAA7zIxoFNYEOYCScpdkWSidmF0aGzJltiBWHBVUk/a80:PD+ZCVeIuFNv9nid6HQTQYUki8
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-