General
-
Target
7007d18572c698684034bfad2b362b89_JaffaCakes118
-
Size
342KB
-
Sample
241023-vzdn8a1hkg
-
MD5
7007d18572c698684034bfad2b362b89
-
SHA1
82465a723e7261d4c85453bcafa71e05e30ba7f1
-
SHA256
81269b9ac377952e152d435a0befc327cf04e15b78e1864a117920314f268696
-
SHA512
e95b2c6b3207d08c8f66e8185c409c2987e8bd7126950f100d7d81c831974e24504ad1ef7d765bf828bf440904107b10a4d93d263b6a9eac2b4c9a0c797c92fa
-
SSDEEP
6144:ZUPVfXdXzazDKSw47JllSr28LNhsibjlaIuhT98ai2Q4I4TUvW+N:GPFdXGzDKvWJerhrCc2cgUvvN
Static task
static1
Behavioral task
behavioral1
Sample
7007d18572c698684034bfad2b362b89_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7007d18572c698684034bfad2b362b89_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer payload
-
Detected Nirsoft tools
Free utilities, often used by attackers, that can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Accesses Microsoft Outlook accounts
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-