Extracted

• • Target

    JaffaCakes118_e9d9470a308f2e7da4699bed0c6cb12e8598c559edda6dbdfac157f6cccddf2c

  • Size

    387KB

  • MD5

    cc83a01c8cacb56e7c2dc84ae265f8db

  • SHA1

    9ac9c2178d2dbabd505a72f9ae60dca02feb3569

  • SHA256

    e9d9470a308f2e7da4699bed0c6cb12e8598c559edda6dbdfac157f6cccddf2c

  • SHA512

    18ade81644abf152c7d12b80fc934476e9013ec73f8a54e4d26e0eb8fe8c1cfbce913279d1b51d6a262d570a49acd8a53917bd77cf0276dfa4750229cc166ec4

  • SSDEEP

    6144:iEb52BA3WmGYNIni1qphtDScY20NpvV35PhNLsFfgDF0pbFeN:iEbkeWmGKKie7NUpv55PX30pE

  Score

  10^/10

  cryptbotdiscoveryspywarestealercredential_access

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2