General

  • Target

    639b14d50e3d9084fd9c41a5b1aa0532_JaffaCakes118

  • Size

    318KB

  • Sample

    240722-r7dgmsshre

  • MD5

    639b14d50e3d9084fd9c41a5b1aa0532

  • SHA1

    1beccdf02d8a16a1799fe3103525af68961a665a

  • SHA256

    91c8687e76baa14bf7502ae9f065393969b5d7194c81cef2fe6a500551c20306

  • SHA512

    1df948b73afb8e2b1c823d627f54dba3e2b9eb8d886f86263bb8dd0bd4af34428f9632c14028b0109668da63e4f9b1edfde5f8907c056978a5ab017fc15e9815

  • SSDEEP

    6144:bH5RzunGG2B6SJlHfxLmH8LVS9MWhFb7kSa3im6m/2Vi87pQsPiZA:b5RynZcJtnVS+gRyumUi8FQsqZA

Score
9/10

Targets

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
