General
-
Target
JaffaCakes118_8ae246978095b2de8a41a27657a53482
-
Size
255KB
-
Sample
250328-v6hlrayzew
-
MD5
8ae246978095b2de8a41a27657a53482
-
SHA1
70ee5e5269ffa800008e5e5bb14187b9249a6ca1
-
SHA256
39af0e2ac1baa5f3d4db324d78b3e6af8c8b84969a968110cec88749b5a86529
-
SHA512
07b65f58029dd0d79ae3c1ab7774ea7a1e1322710216afd76e9895a2c70f16c8145abebce2249c5dcb3777fb3d8d207c3dde175d1d24d1b180a2547178fe0499
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5rhv7IIpZpZ+5XKf8H50aIQ2c:h1OgLdaO1TIypZWXOk50QF
Malware Config
Targets
-
-
Target
JaffaCakes118_8ae246978095b2de8a41a27657a53482
-
Size
255KB
-
MD5
8ae246978095b2de8a41a27657a53482
-
SHA1
70ee5e5269ffa800008e5e5bb14187b9249a6ca1
-
SHA256
39af0e2ac1baa5f3d4db324d78b3e6af8c8b84969a968110cec88749b5a86529
-
SHA512
07b65f58029dd0d79ae3c1ab7774ea7a1e1322710216afd76e9895a2c70f16c8145abebce2249c5dcb3777fb3d8d207c3dde175d1d24d1b180a2547178fe0499
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5rhv7IIpZpZ+5XKf8H50aIQ2c:h1OgLdaO1TIypZWXOk50QF
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-