General
-
Target
JaffaCakes118_76c74d2a50b94ab04b20a428d73503f41f9750d40ed5825087ac828a1b7d8a09
-
Size
404KB
-
Sample
241223-zwcpza1nem
-
MD5
51ea626694e3b7e8ca40d6cd36730b62
-
SHA1
7db3674b4878364f5710436533c2e6ea63a68178
-
SHA256
76c74d2a50b94ab04b20a428d73503f41f9750d40ed5825087ac828a1b7d8a09
-
SHA512
6a978ef984c96346a2de60a6d7f160e18d4f93180b0ee463025c9fe1b19c39f4b0b1a420a2b12ac5b695823f04d36fe434f614953d82f438ca633e01cb31f163
-
SSDEEP
6144:GL+/x0wNWY9QjIO0SIOZYcQJnLhhz0PT2lSCJoQI/6NtvncMy:GLYxKXr5Izc+Lhhz0PT2ICJosNtvn
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_76c74d2a50b94ab04b20a428d73503f41f9750d40ed5825087ac828a1b7d8a09.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_76c74d2a50b94ab04b20a428d73503f41f9750d40ed5825087ac828a1b7d8a09.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cryptbot
unic15m.top
unic15e.top
Targets
Target
JaffaCakes118_76c74d2a50b94ab04b20a428d73503f41f9750d40ed5825087ac828a1b7d8a09
-
Score
10/10
-
Cryptbot family
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-