Extracted

• • Target

    da9d92263969cf175f9d93419c82fd45_JaffaCakes118

  • Size

    323KB

  • MD5

    da9d92263969cf175f9d93419c82fd45

  • SHA1

    4d0f60cdef36069c998c679ba9a7aeb466b8749b

  • SHA256

    79e80765316a4a6ee52d62a373443e379ec1d341aaae5beab07c54307e75223b

  • SHA512

    a47decf2a6a5a19aae7fa5edd2139dc621cf13107fea83a3300e6b67317a247b28646b0dc6135ab0c5bca5fe7d7e730c7dc203a87f5294423236bfa371c362a0

  • SSDEEP

    6144:AeRKFeYBYmA3sLsGIWihb12eT8Jxcv7qZ3TNJnS5vFaVrGXYmIQGB/sOU6MUpt+:Aac/BYmAcIDTocjq9TNc59a9AYTB/Suu

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2