General
-
Target
f86a56bef578dcc9c63dd5515afe4a02_JaffaCakes118
-
Size
736KB
-
Sample
240418-vpjgqaac25
-
MD5
f86a56bef578dcc9c63dd5515afe4a02
-
SHA1
8126972bfbe66dac2e8b72261543a3a98b03aea5
-
SHA256
59433a821cc8cd22eda00c51a5947af21953cafcf30967bd7878dcfe283e3dc2
-
SHA512
c2ca7358052dbd0603f9dd4604c2820d9f7b0e36a7f6cb4e7a5863878db2ed8c3d84ed0e5e8ec306d2302453022db39340e0f06d6789500c2a5e93520b6fcd0c
-
SSDEEP
12288:0z9/32XvY6CD6zzXGytE0/OJKG+UlIKfJuUKo1nWjhStiSbUccDJIwsromA:Y9vesuzzXGyO0/OJKiICuUKtYcwUccHj
Static task
static1
Behavioral task
behavioral1
Sample
f86a56bef578dcc9c63dd5515afe4a02_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f86a56bef578dcc9c63dd5515afe4a02_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
f86a56bef578dcc9c63dd5515afe4a02_JaffaCakes118
-
Score
9/10
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-