General
-
Target
42004cbbfcd490eaaba9a29c64460974_JaffaCakes118
-
Size
1.0MB
-
Sample
241013-zm2yhascmn
-
MD5
42004cbbfcd490eaaba9a29c64460974
-
SHA1
b73b0ff17bbe78f9b702e0fce0111a9067c3f534
-
SHA256
bb614d3fc99457915c200b9ba21836a41add1add2fbb7be7889feb3c2cab58e6
-
SHA512
8213d44c6b17930402ee82c32804324c1662bca619f6c7981088a9d8aecab17eb071b109ba851c533db5a2082ee993154a247e64056a016940d66790c7890f1a
-
SSDEEP
24576:4Li8PqEK4tjClt6kahXMgvcD0OdcqwyHzEBVTUIqLOsSW:4L1YKGEhXHcD0OWqwIYBVojAW
Malware Config
Targets
-
-
Target
42004cbbfcd490eaaba9a29c64460974_JaffaCakes118
-
Size
1.0MB
-
MD5
42004cbbfcd490eaaba9a29c64460974
-
SHA1
b73b0ff17bbe78f9b702e0fce0111a9067c3f534
-
SHA256
bb614d3fc99457915c200b9ba21836a41add1add2fbb7be7889feb3c2cab58e6
-
SHA512
8213d44c6b17930402ee82c32804324c1662bca619f6c7981088a9d8aecab17eb071b109ba851c533db5a2082ee993154a247e64056a016940d66790c7890f1a
-
SSDEEP
24576:4Li8PqEK4tjClt6kahXMgvcD0OdcqwyHzEBVTUIqLOsSW:4L1YKGEhXHcD0OWqwIYBVojAW
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-