General
-
Target
8cb57142203a2d17bb348130b885cc6f_JaffaCakes118
-
Size
4.1MB
-
Sample
241103-v9sacs1ajk
-
MD5
8cb57142203a2d17bb348130b885cc6f
-
SHA1
f4fe17ad63678b50ce948d680d8913162cb670e7
-
SHA256
b99d0087d7ff6ae26b979c55e8fc6aadd71e4e97747f6e64c2f5febd5e82eeb1
-
SHA512
e98a4fa163941c8713123f1a4b17688d5becb63efeeee7caf817b5cf6b86eef7f4fc70a2e61b55ab1ee3c32431c71f4693ef4bb3c0eea4a852a4b0ebfb44f960
-
SSDEEP
3072:w+1wNDJm6C8AAdVxOjkHyKVffg7S2WxKRskGbpOfEqbU:/yNtm/ACkHyI2WxMsJbpOfEqQ
Static task
static1
Behavioral task
behavioral1
Sample
8cb57142203a2d17bb348130b885cc6f_JaffaCakes118.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
8cb57142203a2d17bb348130b885cc6f_JaffaCakes118
-
Detected Nirsoft tools
Free utilities often used by attackers which can steal passwords, product keys, etc.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Accesses Microsoft Outlook accounts
-