General
-
Target
1b3be9cb070096ae32ead5b4f1a2a424_JaffaCakes118
-
Size
1.0MB
-
Sample
240701-n9a8hstfpr
-
MD5
1b3be9cb070096ae32ead5b4f1a2a424
-
SHA1
06fb15399582efd92c51cc5b8c5added56802576
-
SHA256
fd593d6f1f4ed13328c7624b0f4adc079fb2bc5701bfcf14f70d81087ab65132
-
SHA512
85c71008ae719616cc810091ca19927318624a2d3483570b1c7bd62849d1f55af98874c86d43a3abf400df8a68afa64c646fd09560ae30363b682d86244e84b9
-
SSDEEP
24576:trQ9kplFW5QSjh2JdGzLbjh9VVLisuwptrV5Db/1ifNhk:NYfhSGzLbjhp9V1gfNh
Malware Config
Targets
-
-
Target
1b3be9cb070096ae32ead5b4f1a2a424_JaffaCakes118
-
Size
1.0MB
-
MD5
1b3be9cb070096ae32ead5b4f1a2a424
-
SHA1
06fb15399582efd92c51cc5b8c5added56802576
-
SHA256
fd593d6f1f4ed13328c7624b0f4adc079fb2bc5701bfcf14f70d81087ab65132
-
SHA512
85c71008ae719616cc810091ca19927318624a2d3483570b1c7bd62849d1f55af98874c86d43a3abf400df8a68afa64c646fd09560ae30363b682d86244e84b9
-
SSDEEP
24576:trQ9kplFW5QSjh2JdGzLbjh9VVLisuwptrV5Db/1ifNhk:NYfhSGzLbjhp9V1gfNh
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses Microsoft Outlook profiles
-