General
-
Target
4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118
-
Size
344KB
-
Sample
241016-jajy6atcrq
-
MD5
4be9d3ad65128e3a1c8ca88f7cba1e07
-
SHA1
3d6da27995f67f717576090e4c1a773a0f399d3c
-
SHA256
06d55248b9b75ea77e7088f3eecf00f11778c98b302ca8f560cc8b89685019b1
-
SHA512
3e61166a584661c0483b711ae11f18cf43eab24b6c9fbc7c1eda946f67fac670dbba6ecfd31aa15d368db799fdedb544eeb2a59ac898d2b4126f3e6cb89ca37c
-
SSDEEP
6144:M04IUmuuRKmsSuztFMJpycPEW1pDMsF8uouZZkje3bEPyPI3Kdm0QAoaAjjL1:OIUmroaiPODhxZse30yPIdzADijL1
Static task
static1
Behavioral task
behavioral1
Sample
4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118
-
Size
344KB
-
MD5
4be9d3ad65128e3a1c8ca88f7cba1e07
-
SHA1
3d6da27995f67f717576090e4c1a773a0f399d3c
-
SHA256
06d55248b9b75ea77e7088f3eecf00f11778c98b302ca8f560cc8b89685019b1
-
SHA512
3e61166a584661c0483b711ae11f18cf43eab24b6c9fbc7c1eda946f67fac670dbba6ecfd31aa15d368db799fdedb544eeb2a59ac898d2b4126f3e6cb89ca37c
-
SSDEEP
6144:M04IUmuuRKmsSuztFMJpycPEW1pDMsF8uouZZkje3bEPyPI3Kdm0QAoaAjjL1:OIUmroaiPODhxZse30yPIdzADijL1
Score9/10-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-