Extracted

• • Target

    JaffaCakes118_8887a0426df91e1c6aa2483824a2e4b8a700e6affaa88963fe1aef4a3a632920

  • Size

    387KB

  • MD5

    74c191d844d4fc482bdcb5f6c8e30621

  • SHA1

    ce34dfe6fd8a54de554c4d514aefeea8629c52b2

  • SHA256

    8887a0426df91e1c6aa2483824a2e4b8a700e6affaa88963fe1aef4a3a632920

  • SHA512

    2de028c36c39604572f562ca1256676760cd422290423847385bac123bb1d74d3aa63a77bfc040335a2cc3061048ad1333ca09ae211a5935913b5c677ca7527f

  • SSDEEP

    6144:eVb52xA3WmGYNIniWb4Rahc7Cz7XbKRypn0QzPAh4C84CQWQ:eVbkOWmGKKiWb4R2cAc4Ac4p

  Score

  10^/10

  cryptbotdiscoveryspywarestealercredential_access

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2