General
Target: 28619bf1fdf007ac562555a3738d8013_JaffaCakes118
Size: 195KB
Sample: 240706-q5qthsyhkl
MD5: 28619bf1fdf007ac562555a3738d8013
SHA1: 6cc2893ff25e7ad58fecd764741754f8cddd3c3d
SHA256: 2c607b8f55078858e067738e3a805d532539d54ff2094fef828f72a21656c564
SHA512: 9415d0fe866dd1e218d640506c183f8a9d3c540c68c85617ebea21ccff6816601b42f10fc9186d9779c4deb71de153dbf1ad6e2c8c9f664db1de5a38ad90d9f4
SSDEEP: 1536:Rr+YfJ2HLVMFXoCvLd5OcqzXTldKHgCM+LFH2/cTkBi7shGSdj1VrJpwjcMGaqEK:YYfMHoXDbqzqHxM+J/kBiIVTEcMGLd
Static task: static1
Behavioral task: behavioral1
Sample: 28619bf1fdf007ac562555a3738d8013_JaffaCakes118.exe
Resource: win7-20240705-en
Malware Config
Extracted
pony
http://momus.com.tw:8080/pony/gate.php
payload_url
http://www.dihal.com.br/aB64Vw6G/L6f.exe
http://rosariodanza.com/CpTXByXo/qGzt2gTT.exe
http://alicianovias.com.ar/Pw0g76UB/kjjEmJ.exe
http://ssquarehospitality.com/to04gp5h/ewR7.exe
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.