General
-
Target
8db09e06307b83a62ea8cceff6a4aff7_JaffaCakes118
-
Size
760KB
-
Sample
241103-1vmn8avla1
-
MD5
8db09e06307b83a62ea8cceff6a4aff7
-
SHA1
ebc5502cfa66701c96bac107c4211b1376360718
-
SHA256
a8a9645a8e2dc99ea99fa711285d29e7bc66bb709ce3861653a7e562d47b6a4e
-
SHA512
a6e4e64d5347037aadd61b65761bd3133b75ac3a8f729cfc21adf175291b161b1a8ce575d5424b480a754ebe31f276553fcd0eef2c844c7a117780025f8c32e8
-
SSDEEP
12288:CCFaUp21XoXRUyPWQ8sXGZ0wechZUjYn5mN2yfwSbmOeFXAt3LMA6apXk5REzW5I:d9KY2YWQwRZUEn5mN2WwGe82apXk5RE7
Static task
static1
Behavioral task
behavioral1
Sample
8db09e06307b83a62ea8cceff6a4aff7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8db09e06307b83a62ea8cceff6a4aff7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
8db09e06307b83a62ea8cceff6a4aff7_JaffaCakes118
-
Score
9/10
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-