jason (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-02 12:12:50 UTC
jason
Actor(s): OilRig
Jason is a graphic tool implemented to perform Microsoft exchange account brute-force in order to “harvest” the
highest possible emails and accounts information. Distributed in a ZIP container the interface is quite intuitive: the
Microsoft exchange address and its version shall be provided. Three brute-force methods could be selected: EWS
(Exchange Web Service), OAB (Offline Address Book) or both (All). Username and password list can be selected
and threads number should be provided in order to optimize the attack balance.
References
Yara Rules
[TLP:WHITE] win_jason_w0 (20191029 | APT34 Jason)
Download all Yara Rules
Source: https://malpedia.caad.fkie.fraunhofer.de/details/win.jason
https://malpedia.caad.fkie.fraunhofer.de/details/win.jason
Page 1 of 1