Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240319-en -
resource tags
-
submitted
17-04-2024 14:23
General
-
Target
f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe
-
Size
689KB
-
MD5
f5f93b480a4ca583092b496be670cab9
-
SHA1
7599346d4289e30e379d7b66d56bb85bb1d70c7b
-
SHA256
62d0df3e2034c38c55163ea9a5e6c972416a39a3dac53fecea54fec272301fdc
-
SHA512
8de0eb7c0923b3623ddf23af15d87dcbb516c621667a141de3695a72ae5a0b09b3a995a3ad9a6cd417c6d165c6efbbb1dc25a5a89d7c15561ec9db6885892786
-
SSDEEP
12288:oHaUzb/8R/oQQXew/1boTID5jra/W9K4RHzFOMMW3SMyvnuZIGiYBXlwFwQy5A:oHa2w/YOw/Vo0D5jra/hUFOKn+dy5A
Score
10/10
Malware Config
Signatures
-
PandaStealer
Panda Stealer is a fork of CollectorProject Stealer written in C++.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe"C:\Users\Admin\AppData\Local\Temp\f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe"1⤵
- Suspicious behavior: EnumeratesProcesses