General

  • Target

    JaffaCakes118_9e6ae81896be9b568604e08dcd1407e536b1a9fbadb313e9cafecca981f4e105

  • Size

    275KB

  • Sample

    241226-ylz7vaxkfs

  • MD5

    8a64b62bd2d7d89f4739c78626015be7

  • SHA1

    74f854b58bde93abe941c4b14469db10abfefaed

  • SHA256

    9e6ae81896be9b568604e08dcd1407e536b1a9fbadb313e9cafecca981f4e105

  • SHA512

    380168a4c878cbb523fe711ca7e45d81e86fbbf4545f4a7725f7409d68ac1d9afb601d5242307ecd086b0165baca1702ada15f156e76382ec3c16aecc17f3cb2

  • SSDEEP

    6144:WMbC0SbzJjbSLPWstc7e72gk6ZVxw4ufGxs4lDWyWZsPGhOikTuid8ukn6Bg:WG/CzJxgk4w4ufGJlDFWZsbikTuidBwj

Malware Config

Extracted

Family

cryptbot

C2

cemgty35.top

morbug03.top

Attributes

  • payload_url

    http://bojozb04.top/download.php?file=lv.exe

Targets

    • Target

      JaffaCakes118_9e6ae81896be9b568604e08dcd1407e536b1a9fbadb313e9cafecca981f4e105

    • Size

      275KB

    • MD5

      8a64b62bd2d7d89f4739c78626015be7

    • SHA1

      74f854b58bde93abe941c4b14469db10abfefaed

    • SHA256

      9e6ae81896be9b568604e08dcd1407e536b1a9fbadb313e9cafecca981f4e105

    • SHA512

      380168a4c878cbb523fe711ca7e45d81e86fbbf4545f4a7725f7409d68ac1d9afb601d5242307ecd086b0165baca1702ada15f156e76382ec3c16aecc17f3cb2

    • SSDEEP

      6144:WMbC0SbzJjbSLPWstc7e72gk6ZVxw4ufGxs4lDWyWZsPGhOikTuid8ukn6Bg:WG/CzJxgk4w4ufGJlDFWZsbikTuidBwj

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

MITRE ATT&CK Enterprise v15

Tasks