General
Target: 1acef65f75b1eb85db261477b21c0578_JaffaCakes118
Size: 128KB
Sample: 240701-ln8wjsxfmm
MD5: 1acef65f75b1eb85db261477b21c0578
SHA1: 109fde376b267a63df65e0677e272745061e0ce1
SHA256: edd52ccfcd361eb2bbff79cd9f29521e2d923482047a0233a6d0e19161b37b08
SHA512: 2224b7e213c7a2c1d020fbe30c470991e0d511207ef5ab2abe08dc3325bd05d3d58950b75afe2928588eed9db595a7997658b1dc406a13b09c5b67f3d90bfa2e
SSDEEP: 3072:FODXDe2/0fkIcEz75lDVE8zgiY9jnHPcbBzS:cDXDeBfnRz1lDVEsOHgz
Static task: static1
Behavioral task: behavioral1
Sample: 1acef65f75b1eb85db261477b21c0578_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
Family: pony
C2:
- http://198.143.159.92/forum/viewtopic.php
- http://50.116.54.37/forum/viewtopic.php
payload_url:
- http://sprinksys.com/kWWCPfd.exe
- http://planenrs.com.br/yYXQ.exe
- http://www.fahrsicherheit-cardrive.de/ZGg.exe
Targets
Target: 1acef65f75b1eb85db261477b21c0578_JaffaCakes118
Signatures
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext