General
-
Target
1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118
-
Size
1.4MB
-
Sample
240701-vn7sxstclq
-
MD5
1bd0b2857c5ca1d309b200fcc047b88d
-
SHA1
d32748049534bb0dcbdff75538a1f7a2467b72b9
-
SHA256
0d738830fb6666fa2d199e7bd3e9fd6b8dcbb13d474867a746fb97ca2ce15e02
-
SHA512
6f74139e136434ce64af1e091b21c16687acbbf88d8ab574d43b9a65e94480e6f8c0beb649e6ae27033e103537f7ec742e9cb8ba08baa9091eb198b9d3783c1f
-
SSDEEP
24576:xMTIkEmC0Dhrr8ckM2DD4J1NiD29BhLTi/bGP6h5FbnjIwnBeF7K+emesnedr:xlkDPRrSsT5TLu/SPe55kuAUmvG
Static task
static1
Behavioral task
behavioral1
Sample
1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
1bd0b2857c5ca1d309b200fcc047b88d_JaffaCakes118
Score
9/10
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-