General
-
Target
53fd976affe4ae3046606ea4086115e5_JaffaCakes118
-
Size
1.0MB
-
Sample
241017-14rpjasgkn
-
MD5
53fd976affe4ae3046606ea4086115e5
-
SHA1
acd008611cbbbf4fd43c0ee2e31998b6efd0f33d
-
SHA256
a4eca871a7d507330abac8420ad45473dac4324e259027786bb311994f5a4d23
-
SHA512
c20dbb0dc6c6bcf42b99e552123790e3fef2b79e3a07e841b088e04377c9cfa46821be15f302a7b02c6733daca99ef3a206243ea9920eb5cc4ff3e18ad3b4419
-
SSDEEP
24576:tLia/wFt/cytLMps8g+fMNF4uBalx8q9Ec0oZCCS71YijYx:tLEt/cytLMzg+fM/4uBa/8mEc08UYijE
Malware Config
Targets
-
-
Target
53fd976affe4ae3046606ea4086115e5_JaffaCakes118
-
Size
1.0MB
-
MD5
53fd976affe4ae3046606ea4086115e5
-
SHA1
acd008611cbbbf4fd43c0ee2e31998b6efd0f33d
-
SHA256
a4eca871a7d507330abac8420ad45473dac4324e259027786bb311994f5a4d23
-
SHA512
c20dbb0dc6c6bcf42b99e552123790e3fef2b79e3a07e841b088e04377c9cfa46821be15f302a7b02c6733daca99ef3a206243ea9920eb5cc4ff3e18ad3b4419
-
SSDEEP
24576:tLia/wFt/cytLMps8g+fMNF4uBalx8q9Ec0oZCCS71YijYx:tLEt/cytLMzg+fM/4uBa/8mEc08UYijE
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-