General
-
Target
15d42092a2ef31d459d824689e0f4374_JaffaCakes118
-
Size
196KB
-
Sample
240627-nkh7tsyeqe
-
MD5
15d42092a2ef31d459d824689e0f4374
-
SHA1
6e077582a3966568ddd5ac60fdf545bc3bab517a
-
SHA256
8b74f8baf0ca828b5d0697bfd26af7768de6a192c42f4384ffd056acf699b14b
-
SHA512
85092d3d51e7992d6da105578688b6734a7a5166fa96bceb1732477a53a98de44aeb7ab268322f800b2160c10778e76ebc79d5eff760fb0947f6fef6fe47ecbc
-
SSDEEP
1536:5JNmkhwxWtf1Y6YjifcdBMxa8kCl1BQctJXYQjJKlikU4t+EQnWLf0GwoB2UK/:5ekhYQ1YbduG89tLFKlikU4tsqeo7K/
Static task
static1
Behavioral task
behavioral1
Sample
15d42092a2ef31d459d824689e0f4374_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
15d42092a2ef31d459d824689e0f4374_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://etsiunjour.fr:81/pony/gate.php
http://66.175.211.129/pony/gate.php
-
payload_url
http://csmju.jowave.com/fusX.exe
http://infico.radwlan.pl/URYp.exe
Targets
-
-
Target
15d42092a2ef31d459d824689e0f4374_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-