General
-
Target
284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118
-
Size
98KB
-
Sample
240706-m2jz1szblb
-
MD5
284c6875ff7f9e1196cbbd54ff1b34fb
-
SHA1
170f73b5de52944b9113fe0897542fff86fa96f8
-
SHA256
7ca45550823eb1d59fb68d7e502538855e1fdde5dbb5ced703bf92313755414a
-
SHA512
fb26175927c9cdf20ea2ae2e6c0ed35b4cc83b53671faa6abaf9c676a5c20ee32637312b9fd87540bcaed1d74b8d3d6793144ec1a4975feff67ea54a60bca946
-
SSDEEP
1536:9E7QsPcnTycCgwyV1LnROIbqjZnHSV5CBdXBYzDTU3tZzFo9PiJTi/9JeeHROZ:9EYgw1nRqMrCBdBIDTov2iJGFfo
Static task
static1
Behavioral task
behavioral1
Sample
284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
pony
http://50.116.54.37/forum/viewtopic.php
http://209.59.222.174/forum/viewtopic.php
-
payload_url
http://ftp.approachit.com/jZy.exe
http://atualizacoes.issqn.net/FhPD.exe
http://homeringer.com/tWEkgm.exe
Targets
-
-
Target
284c6875ff7f9e1196cbbd54ff1b34fb_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-