General
-
Target
288c9676fcb37ba6888dc9ed729343dc_JaffaCakes118
-
Size
159KB
-
Sample
240706-r8fnds1fqm
-
MD5
288c9676fcb37ba6888dc9ed729343dc
-
SHA1
f71084d8437e71f9796fae88f6aa043a0044031c
-
SHA256
132a8860b25eff9c38b32c0bd6f5a8fc27f3c25b1b9856dc9b97d4ebe2828393
-
SHA512
ce7b93c3d1791702a0489388f4a57483afa29c17525fab135a55267ec19258449ea5691866e03d3b4c9b42c3741d4574c72c206e0d087432c7b5d9db226f05ea
-
SSDEEP
3072:ih5S9lyV2dhlgjI32JwY+ZSNIO2LeYr0m8ol0EI61:ihHVQC6dY+UIGmn0EX
Static task
static1
Behavioral task
behavioral1
Sample
288c9676fcb37ba6888dc9ed729343dc_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
288c9676fcb37ba6888dc9ed729343dc_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
pony
http://etsiunjour.fr:81/pony/gate.php
http://akamaifilms.com:81/pony/gate.php
-
payload_url
http://www.haldwanionline.com/220nMWMH/oRcWgt.exe
http://megamodelcampinas.com.br/mYcq49H3/KunKrn.exe
http://woofandme.com/V9DwYJtb/Gep.exe
http://www.studiobernasconipaghe.it/Y6MVPfVk/vHMKQXb.exe
Targets
Target
288c9676fcb37ba6888dc9ed729343dc_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-