Extracted

• • Target

    JaffaCakes118_fd01ea3415d761f0c9289fe2630194fb

  • Size

    388KB

  • MD5

    fd01ea3415d761f0c9289fe2630194fb

  • SHA1

    72d6991b8b43ce94db7b1118e61753c5c2e0f490

  • SHA256

    c415e164b8539e5b4d8232f5bbf359caa81250d78b1785cc074c3e204e689b97

  • SHA512

    625a34ea0b561ee7e8fb7ab7f17346b40d7b28d46ccb96bad9687054dfa83fa1b2a4ab7f8199f4959b4e96e87a68fafe0a7043631450b1fd0fa2c30b894459bf

  • SSDEEP

    6144:XNj6TYWryIIt5z5nYiXu1t7+y/urZkw5FwthSHP+WeoOM6WdNU:XNj6TvOnq1t+ymlkw5FwIP+WeoOSN

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2