General
Target: 04cab61c87eb1e84de41c0cb879665d6_JaffaCakes118
Size: 127KB
Sample: 240428-khqbksbg99
MD5: 04cab61c87eb1e84de41c0cb879665d6
SHA1: 5881c2b7aa3cb8dd0d89104ef7de00e0035cdde2
SHA256: 05de5a55fa9347f9372cd46775c0795dbb843eecb3f2cdfe4bdbafc69a5c87ef
SHA512: db44ee97da91fd1dfca18fe5f0ab6f5c0e365f3a975badf19a2b927ab09dd08a336b30818b9af959727472ad65c73918de42028e2e313534a87111698b7e2a35
SSDEEP: 3072:AvS/960RYrBKjpDoclmctfrvRzYRtyBMbgJ22tyq8:AvSzRY1KBltNVoSMbgJ22U1
Static task: static1
Behavioral task: behavioral1
Sample: 04cab61c87eb1e84de41c0cb879665d6_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
pony
http://cheifoh.webege.com/gate.php
Targets
Target
04cab61c87eb1e84de41c0cb879665d6_JaffaCakes118
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext