General
-
Target
e31a5f55a3cbc61d7a1e4bb81a95d109_JaffaCakes118
-
Size
190KB
-
Sample
240406-x6c3dagg4x
-
MD5
e31a5f55a3cbc61d7a1e4bb81a95d109
-
SHA1
416e42f34f58c936e12b7a4884760e3cfabd9667
-
SHA256
6184de5a62f3ce186e72be190b9fa5f4f9d828d0ab7490fa93ad2bbc3ce6a177
-
SHA512
3a87c11bca6139d2c1ce8063cbf858c8b3878c858161897d79f4e5fec788e1627b7a6b3f6cd802b4994d28a228de98e0736ad21eaf227a5cd59f54c2dc85c54e
-
SSDEEP
3072:Ni97HJLI3YI/TRdoNf8CUjTnVgM6mjLLWpL:g927vTVvDfLYL
Static task
static1
Behavioral task
behavioral1
Sample
e31a5f55a3cbc61d7a1e4bb81a95d109_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e31a5f55a3cbc61d7a1e4bb81a95d109_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
pony
http://etsiunjour.fr:81/pony/gate.php
http://69.194.194.238/pony/gate.php
-
payload_url
http://udveksling.cadesignform.dk/exFX.exe
http://bestyun.sshel.com/Lsqu.exe
http://asaptax.com/xKkq.exe
Targets
-
-
Target
e31a5f55a3cbc61d7a1e4bb81a95d109_JaffaCakes118
-
Size
190KB
-
MD5
e31a5f55a3cbc61d7a1e4bb81a95d109
-
SHA1
416e42f34f58c936e12b7a4884760e3cfabd9667
-
SHA256
6184de5a62f3ce186e72be190b9fa5f4f9d828d0ab7490fa93ad2bbc3ce6a177
-
SHA512
3a87c11bca6139d2c1ce8063cbf858c8b3878c858161897d79f4e5fec788e1627b7a6b3f6cd802b4994d28a228de98e0736ad21eaf227a5cd59f54c2dc85c54e
-
SSDEEP
3072:Ni97HJLI3YI/TRdoNf8CUjTnVgM6mjLLWpL:g927vTVvDfLYL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-