General
-
Target
283553a8e878f0e3786e3f2d0fd550d5_JaffaCakes118
-
Size
159KB
-
Sample
240706-mepa8aycnf
-
MD5
283553a8e878f0e3786e3f2d0fd550d5
-
SHA1
478f16f1dac871ab18768d5801701c56abec5f1e
-
SHA256
ab1ec8875a1f1bbe143e1dbf40cf980ffe05db347c4937be87c2f0100df68b13
-
SHA512
3d0a7ffd625f438f200054f31b9ae449a92c6814ac3bc2dc174aaab6a2a80e64cbe7825f950a74499b22fff6e7c7d2c1b2e85600c2cf2ddb7967a623ff218fa1
-
SSDEEP
1536:KKPE6GbCrQtPVAMUHp4ar7jmH422EThBme15fSYDt5NIO2+dcAOosP13YiJnAU60:Kh6Gb0OVAJ7qGylt955NIO2+dhMVZN60
Static task
static1
Behavioral task
behavioral1
Sample
283553a8e878f0e3786e3f2d0fd550d5_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
283553a8e878f0e3786e3f2d0fd550d5_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
pony
http://etsiunjour.fr:81/pony/gate.php
http://akamaifilms.com:81/pony/gate.php
-
payload_url
http://acarkent24.com/agX.exe
http://archstone.ro/yuzFyjAw.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-