General

  • Target

    9e48e6f06510660156ad80342a8b06a4_JaffaCakes118

  • Size

    278KB

  • Sample

    241125-2ha1bswqhr

  • MD5

    9e48e6f06510660156ad80342a8b06a4

  • SHA1

    b8ffe03975a171c4cf231a2e714e75e1ac9e061d

  • SHA256

    14dc6c810d05eb1495553e3b8ae5957295ba74ff05c33f01953f60045f78fa87

  • SHA512

    c3522957117e157f8c5edc142ae5b4eebe9d25c6c8490d1564b6f12b20be026600bb17bb3407d20ebcb546a7ce65ceef97714ce1d9bc3fbc79c65e8cda349b0e

  • SSDEEP

    6144:ZplxR++UT/dwsoMi1TQ+yBuFzQgqj2NHez2TfUXJ/8DCcqWiKY1:ZjxR9UTV5i1U+yOsgqj2lC2I18DfqWda

Score
9/10

Targets

    • Target

      9e48e6f06510660156ad80342a8b06a4_JaffaCakes118

    Score
    9/10
    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
