General
-
Target
b4eacfeba13503c98b7b3ad5f9801380_JaffaCakes118
-
Size
3.0MB
-
Sample
241130-fr3aaatpat
-
MD5
b4eacfeba13503c98b7b3ad5f9801380
-
SHA1
bd6c3b198b76a2e741ef3e83092a8718ef60f9fe
-
SHA256
85a04fae9bc11b0ed310559e04c3c26b704dd30c955084ca7a93756a31622693
-
SHA512
b9a457984307b6ada85cb4ed6ca2f0eba3c0a8684f245e616443f2ab0efe5dedfd2456b32c37135db4cbd793c61613ab559df5311ff64ce01e52c0a579396b32
-
SSDEEP
49152:eu5HOTeWWqs8LIWfX5DZDmNQCfzlEp6RljIEp6PbtL2tL:dHxWvsgzhNDmopopIV2V
Malware Config
Targets
-
-
Target
b4eacfeba13503c98b7b3ad5f9801380_JaffaCakes118
-
Size
3.0MB
-
MD5
b4eacfeba13503c98b7b3ad5f9801380
-
SHA1
bd6c3b198b76a2e741ef3e83092a8718ef60f9fe
-
SHA256
85a04fae9bc11b0ed310559e04c3c26b704dd30c955084ca7a93756a31622693
-
SHA512
b9a457984307b6ada85cb4ed6ca2f0eba3c0a8684f245e616443f2ab0efe5dedfd2456b32c37135db4cbd793c61613ab559df5311ff64ce01e52c0a579396b32
-
SSDEEP
49152:eu5HOTeWWqs8LIWfX5DZDmNQCfzlEp6RljIEp6PbtL2tL:dHxWvsgzhNDmopopIV2V
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-