General
-
Target
67bf85eee19deb41ebbd59e496feb547_JaffaCakes118
-
Size
89KB
-
Sample
240522-s1hnfsga49
-
MD5
67bf85eee19deb41ebbd59e496feb547
-
SHA1
c0c19b794b90ac6aea0a862c7b2b16df4886c5e3
-
SHA256
b7305e52ebfc04fc84f93c10aff51b2e651511f8c521ab78af72f742fe7950ea
-
SHA512
4ee8c2a60c9087de93dc3d46f857b95cc84334c7af1cd77a498025863658e30bd50a5df28467df2dfd53f76d194a1042bf4b5b0e91e0383da4efa2483331d73b
-
SSDEEP
1536:JatMLJyqqTM6eeBUj+FoG2hq/IawHJwcQaAcO4pj1cTvMEackzmo:ItaCUap2hcIamHOObEawo
Behavioral task
behavioral1
Sample
67bf85eee19deb41ebbd59e496feb547_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
pony
http://gamestoredownload.download/setupslyp/setupslyp/gate.php
Targets
-
Target
67bf85eee19deb41ebbd59e496feb547_JaffaCakes118
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-