General
-
Target
fa064176c0b8d9b7f2c834d9d1232824_JaffaCakes118
-
Size
312KB
-
Sample
240419-lneygaeh31
-
MD5
fa064176c0b8d9b7f2c834d9d1232824
-
SHA1
5287882f6cd3e93b9c0336c90d236dfb65d2cdac
-
SHA256
4bddc3d6c6492fe383fc1dea46e269d3efeea702be56e0412bf388f10e8d0d1c
-
SHA512
65f19d4b8f3802fa5d8f1155875284ffa97b9f48a50b3d558c11c0e64fbb8b36d98d939ff55475d7b8963bf5f68d8df0b874d4758c76669d94a36ce4b9e260e3
-
SSDEEP
6144:5mtrmi7dQyaM6rYmzVZfAiRLwA9w5urktP4JZn3m3KybkxOEPHN:50rJCy6rd4iJl9VIV4zm3KI0
Static task
static1
Behavioral task
behavioral1
Sample
fa064176c0b8d9b7f2c834d9d1232824_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa064176c0b8d9b7f2c834d9d1232824_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fa064176c0b8d9b7f2c834d9d1232824_JaffaCakes118
-
Size
312KB
-
MD5
fa064176c0b8d9b7f2c834d9d1232824
-
SHA1
5287882f6cd3e93b9c0336c90d236dfb65d2cdac
-
SHA256
4bddc3d6c6492fe383fc1dea46e269d3efeea702be56e0412bf388f10e8d0d1c
-
SHA512
65f19d4b8f3802fa5d8f1155875284ffa97b9f48a50b3d558c11c0e64fbb8b36d98d939ff55475d7b8963bf5f68d8df0b874d4758c76669d94a36ce4b9e260e3
-
SSDEEP
6144:5mtrmi7dQyaM6rYmzVZfAiRLwA9w5urktP4JZn3m3KybkxOEPHN:50rJCy6rd4iJl9VIV4zm3KI0
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-