General
-
Target
80981cf32fc2552d470731ba72546638_JaffaCakes118
-
Size
161KB
-
Sample
240529-nmyejadg29
-
MD5
80981cf32fc2552d470731ba72546638
-
SHA1
3c9d04217f615b006ecdee504e65e7e922375153
-
SHA256
f3e3d08f203413fe53d984b7e82eb660d785a5060386f0077dae525c08456520
-
SHA512
e62fafd9b7a50346fe1c55a41353a2151d807d336ed3edb3b11ca7588ecf51c1b7c8ecf3aa4b78085ee2d1e06c552ef7f427ed41d6cc850342f8ec075c565bf0
-
SSDEEP
3072:E9TLZhs0uDI0rAfOXl+y+uql/GOtsrVrqhTqndtndhndKndI:MTLFuD6fOXlql/GLJrqqndtndhndKndI
Behavioral task
behavioral1
Sample
80981cf32fc2552d470731ba72546638_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
pony
http://butterchoco.net/admin/bull/gate.php
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-