Extracted

• • Target

    35ba0fb1e93d396134cf19eab533d9ce_JaffaCakes118

  • Size

    384KB

  • MD5

    35ba0fb1e93d396134cf19eab533d9ce

  • SHA1

    6c99d5a2b027e2294859bd799360bd15a336a5f1

  • SHA256

    2ab57b30d28ddd69e423d7df5e995549e029aa8bbf4bf57bc7c8c95f9aa8c481

  • SHA512

    7da9f54869395b82705bba6cd7836ed49323ef2422520cbdfcec201581cbe346c39fd50b6b036f64e4aca8f82eac4b0b91bc7834d78e4a7dad401ffc2a54ea95

  • SSDEEP

    12288:pQ7JsX++47NntFlkNi0ouu1lL6vazxd6L:p+V9r0ouuPtL6L

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2