General
- Target: 7ce91083d36a59848f77271ce7e5a906_JaffaCakes118
- Size: 101KB
- Sample: 240528-pekzxace3t
- MD5: 7ce91083d36a59848f77271ce7e5a906
- SHA1: 299f2f274ce0f97ec3285d56e6bec4fe2ffb3149
- SHA256: 330ee78b690e5717b050aa10ba630f8bd4d9e3816605815a3160766e439270d8
- SHA512: a175b0468f6b6480cbd5e85b1e8e9312ec40459a39f1b1507d327ec1755d466d870092959ef85c4f77473b7db4c348f59e608cf2d138fa0077ec8c54f29ee64d
- SSDEEP: 1536:NAjvjexN34sbBIqAsoUIj/gsvfUoijeoEVr1T4JMlsxPbDvZKCBDIP9WvnrVv:S/CNosyiIJ0nkrxsxPbDlDM8rV
Static task
static1
Behavioral task
behavioral1
Sample
7ce91083d36a59848f77271ce7e5a906_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
pony
http://yourverifiycation.com/mandis/panelnew/gate.php
Targets
- Target: 7ce91083d36a59848f77271ce7e5a906_JaffaCakes118
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.