General
-
Target
1ab972d21a41197f729a420db3524a24_JaffaCakes118
-
Size
1.4MB
-
Sample
240701-k6n4eswgjr
-
MD5
1ab972d21a41197f729a420db3524a24
-
SHA1
54d665ef2ef510b16196771e1c9e986dfc1f057c
-
SHA256
5fb04c97b2bf36c4854a8697bf7d6dad56159922883d16b7c14a040bf7322dfb
-
SHA512
c264aabd688198f8c85822c6ce2c4f7f3d4ff452815d4656acfd7433798cce9cff42e3fab4ce1ebc9ea337fd692bb02705f33fafe396c76cc4e22abece2b7496
-
SSDEEP
24576:+MoK+hCvuJOQIVCOnAek2v8eqyfHSCFUDN+LwK17W0yV8uDShsOuk:+WVCwoKL6DRK1sV8u0sY
Malware Config
Targets
-
-
Target
1ab972d21a41197f729a420db3524a24_JaffaCakes118
-
Size
1.4MB
-
MD5
1ab972d21a41197f729a420db3524a24
-
SHA1
54d665ef2ef510b16196771e1c9e986dfc1f057c
-
SHA256
5fb04c97b2bf36c4854a8697bf7d6dad56159922883d16b7c14a040bf7322dfb
-
SHA512
c264aabd688198f8c85822c6ce2c4f7f3d4ff452815d4656acfd7433798cce9cff42e3fab4ce1ebc9ea337fd692bb02705f33fafe396c76cc4e22abece2b7496
-
SSDEEP
24576:+MoK+hCvuJOQIVCOnAek2v8eqyfHSCFUDN+LwK17W0yV8uDShsOuk:+WVCwoKL6DRK1sV8u0sY
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-