General
Target: 1cad7abf489559c447394259605a59e8_JaffaCakes118
Size: 171KB
Sample: 240701-124ajssgjf
MD5: 1cad7abf489559c447394259605a59e8
SHA1: 49e18223d86545a6dcb8eb6dfb6bdffca2174b1e
SHA256: e3497ce71b9471d0c18deba15494e554c9fef34d86b4c24285390ed4d65c418f
SHA512: 14cf15471df5f1aa22f9ebc2d29397fe22f7eb802ba41ef00a1675699c51b1634e7688618d01c19e70d273a05259120727c180a7974e21affcd863061d4b8fde
SSDEEP: 3072:h61Ne8NdQc6U1OzNGQJ1mg5RZbQ+syyNDQS9fR8PhaYQ5Puuuuuuuuuuuuuuuuu4:s1N/NdQK1OzbJ55RZruQ2RSkJpuuuuuQ
Static task: static1
Behavioral task: behavioral1
Sample: 1cad7abf489559c447394259605a59e8_JaffaCakes118.exe
Resource: win7-20240611-en
Malware Config
Extracted
pony
http://187.9.27.164:8080/forum/viewtopic.php
http://74.91.121.211/forum/viewtopic.php
-
payload_url
http://www.cosabolle.it/91rfRY.exe
http://articolebebelusi.ro/Ftxqbkbd.exe
http://r555.info/41LMMbt5.exe
Targets
Target: 1cad7abf489559c447394259605a59e8_JaffaCakes118
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-