Extracted

• • Target

    JaffaCakes118_5747ed332f72912ac53faea2b4442663

  • Size

    346KB

  • MD5

    5747ed332f72912ac53faea2b4442663

  • SHA1

    eec858844eb7faf37f33854243eb941b9a61a15d

  • SHA256

    264eb379519c57856467254c1350da612757e762ac3198046eced7353c35106a

  • SHA512

    6504c7262be16daf970b77040596f6d7ccec45a39e9cba53517380ea8f11e56f23637c69cdb19f489e16e027f97034eecbd8506adddb3106b768554049405f39

  • SSDEEP

    6144:6o6QtEG7DLMyJ6NhhGgIEX9noRJg7AcgtVjiIADG8elm:6RQtE8LNJ+nHjFoY7SjixD7

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2