Extracted

• • Target

    JaffaCakes118_19887a926c9d9b24362f4b68442e1ed89db9f4a8e46e97f2d640b38cb772d9a2

  • Size

    362KB

  • MD5

    96b76902694e418b9bd8c476a7e2a9d3

  • SHA1

    fe4d12ed4eaaa9342e4cef187eed31eccdb1dff5

  • SHA256

    19887a926c9d9b24362f4b68442e1ed89db9f4a8e46e97f2d640b38cb772d9a2

  • SHA512

    240942f9a13d02eca16bfb26a1697ab0649dd5b6fea19060bc9ed77917a04f88cc2fccc00dce91d97b90f60742397f3ac776294244feb9cb839de3159ac2f084

  • SSDEEP

    6144:cTsmF4rQrDXbjzuFzkEEIvoZh2uPsKjAYT2ThKMlU:cTcrQ/bjzuSEQh2uPsK7wKz

  Score

  10^/10

  cryptbotdiscoveryspywarestealercredential_access

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2