General
-
Target
1ca9d88f9a989731005acca399b7fcd4_JaffaCakes118
-
Size
159KB
-
Sample
240701-1zppdawfmq
-
MD5
1ca9d88f9a989731005acca399b7fcd4
-
SHA1
873876d08585e106f3c68523ed4dada3f084335e
-
SHA256
12a529722ec9138a5924c46fe8db6aeaa472a0c97368692e0d16bea4f40e6e53
-
SHA512
fb37430a220e321ddcf9b812cb2a7a4bb4ad9704e845223e3c42a948c210aca6567f8ae2595e0788a2483e049b251a70fae098651738a6b8ee851cb81aa8e42a
-
SSDEEP
3072:JhLS9lyV2dhlgjI32JwY+ZSNIO2LeYr0m8ol0EI6V:JhpVQC6dY+UIGmn0Er
Static task
static1
Behavioral task
behavioral1
Sample
1ca9d88f9a989731005acca399b7fcd4_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1ca9d88f9a989731005acca399b7fcd4_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://etsiunjour.fr:81/pony/gate.php
http://akamaifilms.com:81/pony/gate.php
-
payload_url
http://www.haldwanionline.com/220nMWMH/oRcWgt.exe
http://megamodelcampinas.com.br/mYcq49H3/KunKrn.exe
http://woofandme.com/V9DwYJtb/Gep.exe
http://www.studiobernasconipaghe.it/Y6MVPfVk/vHMKQXb.exe
Targets
Target
1ca9d88f9a989731005acca399b7fcd4_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.