General
-
Target
JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194
-
Size
387KB
-
Sample
241224-1j52esykcj
-
MD5
87fd447e1dfc44afef7593f5dd27a427
-
SHA1
4101a9c049fc91ea24d65824d10f95263eaae88c
-
SHA256
5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194
-
SHA512
590bd88ef61e87b45fcca3634556635b94a7015e0f8b016d714c20ac0fde3ce2f2e7e975f7a4a8d064c66d157eb968e0e9b81d4abed3ad456bcb4610f0fe4993
-
SSDEEP
6144:SNb52zA3WmGYNIni6qeNfYl6LyIA7tt1a0FNgjFX:SNbkoWmGKKiVe8gyIAhtjNgh
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cryptbot
unic16m.top
unic16e.top
Targets
-
-
Target
JaffaCakes118_5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194
-
Size
387KB
-
MD5
87fd447e1dfc44afef7593f5dd27a427
-
SHA1
4101a9c049fc91ea24d65824d10f95263eaae88c
-
SHA256
5749ca3bba0023fc257072a67da7724a772399fd66bbaf825527357a95bed194
-
SHA512
590bd88ef61e87b45fcca3634556635b94a7015e0f8b016d714c20ac0fde3ce2f2e7e975f7a4a8d064c66d157eb968e0e9b81d4abed3ad456bcb4610f0fe4993
-
SSDEEP
6144:SNb52zA3WmGYNIni6qeNfYl6LyIA7tt1a0FNgjFX:SNbkoWmGKKiVe8gyIAhtjNgh
Score10/10-
Cryptbot family
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-