General
-
Target
JaffaCakes118_d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a
-
Size
403KB
-
Sample
241223-sshngstkbk
-
MD5
87c6424c80111da4b103a223cc5518b6
-
SHA1
096983377bb6e19a7d89e9a328674232e5e899ad
-
SHA256
d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a
-
SHA512
c7a73ca9881c40a3d87ed4af687a4850eed54515dd5cdacc4650a02093d1eec7439345786eef485d97f489e3a8c9e7ef499a9056c93f2525745d4f45c8bfb327
-
SSDEEP
6144:mVi9VYkVujsdA5Qtto1guqi5GnR1RpJYK93z7ucO/AjT6xa9SpuokyLb/9j4wZAV:i2VFgsiARHb3+cO/AX6xaQpuon/9j47
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cryptbot
unic15m.top
unic15e.top
Targets
-
-
Target
JaffaCakes118_d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a
-
Size
403KB
-
MD5
87c6424c80111da4b103a223cc5518b6
-
SHA1
096983377bb6e19a7d89e9a328674232e5e899ad
-
SHA256
d7f5c670fa50b1008b19da4cf488c212af1fc75a49c682b8100c109add4ca53a
-
SHA512
c7a73ca9881c40a3d87ed4af687a4850eed54515dd5cdacc4650a02093d1eec7439345786eef485d97f489e3a8c9e7ef499a9056c93f2525745d4f45c8bfb327
-
SSDEEP
6144:mVi9VYkVujsdA5Qtto1guqi5GnR1RpJYK93z7ucO/AjT6xa9SpuokyLb/9j4wZAV:i2VFgsiARHb3+cO/AX6xaQpuon/9j47
Score10/10-
Cryptbot family
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-