General

  • Target

    4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118

  • Size

    344KB

  • Sample

    241016-jajy6atcrq

  • MD5

    4be9d3ad65128e3a1c8ca88f7cba1e07

  • SHA1

    3d6da27995f67f717576090e4c1a773a0f399d3c

  • SHA256

    06d55248b9b75ea77e7088f3eecf00f11778c98b302ca8f560cc8b89685019b1

  • SHA512

    3e61166a584661c0483b711ae11f18cf43eab24b6c9fbc7c1eda946f67fac670dbba6ecfd31aa15d368db799fdedb544eeb2a59ac898d2b4126f3e6cb89ca37c

  • SSDEEP

    6144:M04IUmuuRKmsSuztFMJpycPEW1pDMsF8uouZZkje3bEPyPI3Kdm0QAoaAjjL1:OIUmroaiPODhxZse30yPIdzADijL1

Score
9/10

Targets

    • Target

      4be9d3ad65128e3a1c8ca88f7cba1e07_JaffaCakes118

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
