General
-
Target
1aa0378195cf94c8cbaf9f21e84dbead_JaffaCakes118
-
Size
185KB
-
Sample
240701-khcqgsverq
-
MD5
1aa0378195cf94c8cbaf9f21e84dbead
-
SHA1
7e9b81ccdbfb28aa8b87e8ad31f571143719511e
-
SHA256
16cb13bd319fbead043c5ebe6be2a3b8e2ee02bf5c3da907a2c2e34374467d43
-
SHA512
b5036203be69ed7147cb90eaa22aeb4f3654d23e4a18392a064a558ffc2432a47808b36e1005cc9e695014f483c76c01c91e42d4cb7427e14e873e39074b87ee
-
SSDEEP
3072:gcJx2eJZUMcIUaFPmgRMNlPTGQQm6ytwZEsrYkK4kH5N5:gcJxbJiM598gWNlPTGQQm6agrdU5z
Static task
static1
Behavioral task
behavioral1
Sample
1aa0378195cf94c8cbaf9f21e84dbead_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1aa0378195cf94c8cbaf9f21e84dbead_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
1aa0378195cf94c8cbaf9f21e84dbead_JaffaCakes118
-
Size
185KB
-
MD5
1aa0378195cf94c8cbaf9f21e84dbead
-
SHA1
7e9b81ccdbfb28aa8b87e8ad31f571143719511e
-
SHA256
16cb13bd319fbead043c5ebe6be2a3b8e2ee02bf5c3da907a2c2e34374467d43
-
SHA512
b5036203be69ed7147cb90eaa22aeb4f3654d23e4a18392a064a558ffc2432a47808b36e1005cc9e695014f483c76c01c91e42d4cb7427e14e873e39074b87ee
-
SSDEEP
3072:gcJx2eJZUMcIUaFPmgRMNlPTGQQm6ytwZEsrYkK4kH5N5:gcJxbJiM598gWNlPTGQQm6agrdU5z
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-