Extracted

• • Target

    JaffaCakes118_d05bb6e2dd8b80fca50af85296dca757

  • Size

    347KB

  • MD5

    d05bb6e2dd8b80fca50af85296dca757

  • SHA1

    02f3ee798b04f233e622a400d58688d464ae322f

  • SHA256

    beb6aae479299a359e58a6dea775616b30ae474c7de0e2083f50997455273632

  • SHA512

    d1477933d96159a5c882f9251fab29775ace5c320f1dd31712017eef0fe27b34f7f6440b738aef0cdd31876492a0b191b4d5719ce85f474de23b6c95e478d5e4

  • SSDEEP

    6144:ZLNfr9ti3Q7FnY3gH+X+0qH77kliXQIxZetZvuyLEHyglIADG8elQ:Zhfrbi3Qt+WKBk7giXQfaXxDd

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2