General
-
Target
15980827d016609bf56e5bfb54e42fe4_JaffaCakes118
-
Size
88KB
-
Sample
240627-l4hdjavhmg
-
MD5
15980827d016609bf56e5bfb54e42fe4
-
SHA1
d2e4364688ea354ebbf078d1c9fa74e2a6e9e78a
-
SHA256
2d6f856e318a8b64646afe8a6c952c96eac7893ec3797f2768c577368d702ec3
-
SHA512
0474847eedde916fb522ec6e9b3bf41ce0f10aebb822f73b141359031452d964f8c441183eecf4b0fe55c9754cbb066a69442856bb25843f8acf9af185944ec4
-
SSDEEP
1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEIokzZ3:9dOy+ubiDBzv+1H4OgYEIj3
Behavioral task
behavioral1
Sample
15980827d016609bf56e5bfb54e42fe4_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
pony
http://musiceyecandy.com/default.php?hUG6k5YyPn7SPeU2hPhMjl3IMSoG7CBpmR
http://snsone.com/default.php?LKkGIMEWICD1Qj6frWoORrMS4HTcjOJroO3JXBt5f
http://aurora-mfg.com/default.php?wkXYkOnLrBuELCTHN4QDPdX6bN1W7EXbRasIr
http://envaseslux.com.pe/default.php?x8HNHajlf89hoWF1VavWZafUqOoiKTdEC8
http://biomolkerei.ch/default.php?DhWcEoidYu1Cq1yAuqggBMEQdXn5xvRHl6tXy
Targets
-
-
Target
15980827d016609bf56e5bfb54e42fe4_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-