 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Jason| Names | Jason | |
| Category | Malware | |
| Type | Credential stealer | |
| Description | Jason is a graphic tool implemented to perform Microsoft exchange account brute-force in order to “harvest” the highest possible emails and accounts information. Distributed in a ZIP container (a copy is available here) the interface is quite intuitive: the Microsoft exchange address and its version shall be provided (even if in the code a DNS-domain discovery mode function is available). Three brute-force methods could be selected: EWS (Exchange Web Service), OAB (Offline Address Book) or both (All). Username and password list can be selected (included in the distributed ZIP file) and threads number should be provided in order to optimize the attack balance. | |
| Information | <https://marcoramilli.com/2019/06/06/apt34-jason-project/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.jason> | |
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| OilRig, APT 34, Helix Kitten, Chrysene |  | 2014-Aug 2023 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |