General
-
Target
76592bba86375897a52f622cdb22d6d6_JaffaCakes118
-
Size
97KB
-
Sample
240526-wpgtkaff97
-
MD5
76592bba86375897a52f622cdb22d6d6
-
SHA1
af8a96717feea25577a4c070728ab720d7cde46d
-
SHA256
1dd8983153ec38520708a33864e5c0eafea4e0b16d6ffd497c5a0c387cf9e903
-
SHA512
fc6f01cc188004b0bf906e6c14346193edccf1a260a93be164b027a0335f09b93e49871cf5612eff4f649fe80e3ae762a04dc95afc721eb2b38d26e9f1f0e408
-
SSDEEP
1536:Cje7mQjct5qTsW7Y/P8N4k70dqZFMv+2Xm2QQOhvGTvgkzbkwk3/Lr/W:eAm+O+YUL7gqZV0ORgZk3/Lr
Behavioral task
behavioral1
Sample
76592bba86375897a52f622cdb22d6d6_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
pony
http://homiezdoing.biz/kuns/ponnie/gate.php
Targets
-
-
Target
76592bba86375897a52f622cdb22d6d6_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-