General
-
Target
3a957bc67d34c03266c9a0d1c26877b6_JaffaCakes118
-
Size
1.0MB
-
Sample
241012-r49qnswarf
-
MD5
3a957bc67d34c03266c9a0d1c26877b6
-
SHA1
f9f98791a7015c1c9f92cd6e549a147c0dda92d0
-
SHA256
3592b231d53b678f75ce6b48dcdca1a08a4b2e3746ccaa62d3b6cb8661349353
-
SHA512
c395adc763c37486d00195b350320b263ad73e1583e06e5ca5bc232f6a8964f7fe6ddda38618e7d786b50675f54e5e0c8e00d0a2674df4723641de333fc9095e
-
SSDEEP
24576:PLiRg3h05HSJl8wTrQ0yNWrjAA2yCctZEojhI:PLded6l9cuj4fctZEcI
Malware Config
Targets
-
-
Target
3a957bc67d34c03266c9a0d1c26877b6_JaffaCakes118
-
Size
1.0MB
-
MD5
3a957bc67d34c03266c9a0d1c26877b6
-
SHA1
f9f98791a7015c1c9f92cd6e549a147c0dda92d0
-
SHA256
3592b231d53b678f75ce6b48dcdca1a08a4b2e3746ccaa62d3b6cb8661349353
-
SHA512
c395adc763c37486d00195b350320b263ad73e1583e06e5ca5bc232f6a8964f7fe6ddda38618e7d786b50675f54e5e0c8e00d0a2674df4723641de333fc9095e
-
SSDEEP
24576:PLiRg3h05HSJl8wTrQ0yNWrjAA2yCctZEojhI:PLded6l9cuj4fctZEcI
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-