General
-
Target
309ad47536511a54f2ca61816eecf482_JaffaCakes118
-
Size
774KB
-
Sample
240510-xwdadscg2t
-
MD5
309ad47536511a54f2ca61816eecf482
-
SHA1
318855d6892631d44824f5d14361f0390c37b409
-
SHA256
34dd58676093cd5f4106acfd008f9c440829d79ce8f59e16c2986f2eb2b70b81
-
SHA512
5ff5728b580ac6408380fafc5b32c73e14497a1c86f8da8cb9f597b154015d22a446738ddc6d06fa8f569bc03d6af7d8b32dd829cd1c94d0140e11624a272343
-
SSDEEP
24576:bys282bWFKKt/+D0KeYQVvJOSSL6HGlDVpFrCRAKY:s8UWFz/dKeYQ9gSSLoGVF2Rc
Static task
static1
Behavioral task
behavioral1
Sample
309ad47536511a54f2ca61816eecf482_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
309ad47536511a54f2ca61816eecf482_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
hawkeye_reborn
Targets
-
-
Target
309ad47536511a54f2ca61816eecf482_JaffaCakes118
-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
M00nd3v_Logger
M00nd3v Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-