General
-
Target
a36f560c7313515f70cb4e029ba0801b_JaffaCakes118
-
Size
90KB
-
Sample
240613-b8wrlszele
-
MD5
a36f560c7313515f70cb4e029ba0801b
-
SHA1
1d8e657bb2ea17fdfa66d40c415702331b1fc4cd
-
SHA256
353947f8b1bfb30ee4f90e4c243b37b8ebc603a74cc1c94d8d40f9ab4b0a91e3
-
SHA512
dfaa99de6ae3aa2a15a78776b57184d4cc503515057740d8806cea07f7520c28454b600edd9310bd404e11ea8efb9fec3df92afcec468613630da06a257ba622
-
SSDEEP
1536:UnSncgyGqTDRXmGcwSCfZDalZNg9tvo0iO3AX4ApTvMEICkzmt2l:2SnMuGc/CfZDap6COU45EIatm
Behavioral task
behavioral1
Sample
a36f560c7313515f70cb4e029ba0801b_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
pony
http://kaladamotors.xyz/wp-admin/gate.php
-
payload_url
http://kaladamotors.xyz/wp-admin/shit.exe
Targets
-
-
Target
a36f560c7313515f70cb4e029ba0801b_JaffaCakes118
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-