Extracted

• • Target

    JaffaCakes118_36ad25dda15ea5a29b5aa738f1e60bd9

  • Size

    415KB

  • MD5

    36ad25dda15ea5a29b5aa738f1e60bd9

  • SHA1

    aaa36d292fb1a899116506006ccb2b207fda8a79

  • SHA256

    a13eacd014b6b5032f0b2e0c18bf380f4f371b181e750e7d421870cb6c59aeff

  • SHA512

    70290d735975d71dd9c2bdb01e2805efcb5f7cab81045d201ac1c00a165a8765d508719f0531f2a65ed545f7849997598d1ae455c385d07e6e109f725873b249

  • SSDEEP

    12288:UPSzFKiNNuutzGGP9kYSy1wYJd3d8WPEkLS3C:UPS02ntyS9kI1r8WPE

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2