Extracted

• • Target

    cbbfe74029e6eb81ccc66d728428b328_JaffaCakes118

  • Size

    596KB

  • MD5

    cbbfe74029e6eb81ccc66d728428b328

  • SHA1

    75ca75a839b5605286385329839d01986b11b19d

  • SHA256

    e40c1359fa0e86c65f50363b88e29a7d4d24990195cc766273203c496393ebe4

  • SHA512

    9a8e97265e9a777c8d5e7b9508c444b574a58dad184c6b008ecda3106926e9c0eed15d11c220282054d70d7a61afceb308c4d4c6ed611a0c0a516e5f4aef1c12

  • SSDEEP

    12288:bGTJt5et/HePSr9fg/YiTRtILP8IQXbcZ9uDWUJLypTJ4JLvC5:mJfet/He6r9fUHmPpQAWSqkWLv

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • CryptBot payload

  • Cryptbot family

    cryptbot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2