General
-
Target
0c5c70f2ed7ec1b49a592777340ecd2d_JaffaCakes118
-
Size
487KB
-
Sample
241002-zby3gavfmp
-
MD5
0c5c70f2ed7ec1b49a592777340ecd2d
-
SHA1
dc2acb0ff964e1269c2f5879573fca2653f1b66d
-
SHA256
7692259c2ffabd717f0ca3c68702e8fabf6b3294b8a61ede5757d21834468a1c
-
SHA512
5e22ad0463b636a13975eeddfdccd7c676cbdc63850b280247da011f139e415a5f03663e29a87a997ca90e2031dbd0acb89fa817d3943685e7cd66c46e6c7ba5
-
SSDEEP
12288:m8is8q5pvWYM+tLdy1V7UqkBZDUhog6DaWUboSQ:NR7hdyvU3jOoxUu
Behavioral task
behavioral1
Sample
0c5c70f2ed7ec1b49a592777340ecd2d_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
0c5c70f2ed7ec1b49a592777340ecd2d_JaffaCakes118
-
Size
487KB
-
MD5
0c5c70f2ed7ec1b49a592777340ecd2d
-
SHA1
dc2acb0ff964e1269c2f5879573fca2653f1b66d
-
SHA256
7692259c2ffabd717f0ca3c68702e8fabf6b3294b8a61ede5757d21834468a1c
-
SHA512
5e22ad0463b636a13975eeddfdccd7c676cbdc63850b280247da011f139e415a5f03663e29a87a997ca90e2031dbd0acb89fa817d3943685e7cd66c46e6c7ba5
-
SSDEEP
12288:m8is8q5pvWYM+tLdy1V7UqkBZDUhog6DaWUboSQ:NR7hdyvU3jOoxUu
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-