ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Jason

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Jason

NamesJason
CategoryMalware
TypeCredential stealer
DescriptionJason is a graphic tool implemented to perform Microsoft exchange account brute-force in order to “harvest” the highest possible emails and accounts information. Distributed in a ZIP container (a copy is available here) the interface is quite intuitive: the Microsoft exchange address and its version shall be provided (even if in the code a DNS-domain discovery mode function is available). Three brute-force methods could be selected: EWS (Exchange Web Service), OAB (Offline Address Book) or both (All). Username and password list can be selected (included in the distributed ZIP file) and threads number should be provided in order to optimize the attack balance.
Information<https://marcoramilli.com/2019/06/06/apt34-jason-project/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.jason>

Last change to this tool card: 23 April 2021

Download this tool card in JSON format

Previous: Janicab
Next: Jasus

All groups using tool Jason

ChangedNameCountryObserved

APT groups

 OilRig, APT 34, Helix Kitten, ChryseneIran2014-Jan 2021X

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key