General
-
Target
41db0b304f0e6a4f5c72186c89680bcd_JaffaCakes118
-
Size
1.0MB
-
Sample
241013-y3le1swflc
-
MD5
41db0b304f0e6a4f5c72186c89680bcd
-
SHA1
f40e974b7b4413f3a74b250dd00dc8aa2b7eea1b
-
SHA256
1acaa4354257330250334c92ef2d76f17fed39d5ff1b46ce9a1f8e38d8c42376
-
SHA512
713256b4e1f3fd2c5b4a9e8acc5088e3670a4d2cf9ad5b147d9c6dab7a5876739f0dee02d4e9ad66055804376a17f4019920c4325d2103a7489252bed873201d
-
SSDEEP
24576:UR4m0X0/WQlmgYIOatNZdKU8FmgQ8JhGxFkSpo3CNumdn:+zV/VxOatN7Kh4sJhGH7o3CMm
Static task
static1
Behavioral task
behavioral1
Sample
41db0b304f0e6a4f5c72186c89680bcd_JaffaCakes118.exe
Resource
win11-20241007-en
Malware Config
Targets
Target
41db0b304f0e6a4f5c72186c89680bcd_JaffaCakes118
-
Score
9/10
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-