General
-
Target
06968b327caf1ec29a719577d53c7d79_JaffaCakes118
-
Size
642KB
-
Sample
240429-ck7pmsfb64
-
MD5
06968b327caf1ec29a719577d53c7d79
-
SHA1
3cd5d929287221e05d964c6eb309dc1407289961
-
SHA256
64227043d81f041fa7786eadd3761e72019c7961e1205888ba522e8caccf8cf6
-
SHA512
04663b6dd898ed475f2721289372a18b77ab4b490e06da5db1695b524b03eebb54fce40514494c7a0cc8c7d74af2600fccba596b1ca2e0d5cae659343c5bd4eb
-
SSDEEP
12288:0AwBgQyyc5UeN9YcPUuCq+4hG4jLgZFtJApk/dJjFE:0Yyc5Ue9HP3fE4jLgFtaadZm
Static task
static1
Behavioral task
behavioral1
Sample
06968b327caf1ec29a719577d53c7d79_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
06968b327caf1ec29a719577d53c7d79_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
06968b327caf1ec29a719577d53c7d79_JaffaCakes118
-
Score
10/10
-
M00nd3v_Logger
M00nd3v Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-