General

  • Target

    75d4bc8fff96827b36b67dfc5ead1a32_JaffaCakes118

  • Size

    306KB

  • Sample

    240726-1hhjqszble

  • MD5

    75d4bc8fff96827b36b67dfc5ead1a32

  • SHA1

    2a09f4d6215a4eb611b9cb56ea48fbbb5908ba73

  • SHA256

    49f094cb209b851a98442aae2200cb38dddad07ebd177d6c2e12d14f49f85e78

  • SHA512

    d0d2a4299850f90a3c0b552ae4c0cde9f74c097ff36c8555b36cdea0466640e62b0ffda320f167274c75ce5d5b9b930ba6446c26d5e0606529aa1f217ceab66b

  • SSDEEP

    6144:p2trmL7dQyxh6rYmzVZfAiRows9w5++kw4ZZn3G3Kyb0xIEPH:pEroCyyrd4iG59FVw4jG3KI

Score
9/10


Targets

    • Target

      75d4bc8fff96827b36b67dfc5ead1a32_JaffaCakes118

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
