General
-
Target
16c1c6882a1d03cfa65d0fa8892263f3_JaffaCakes118
-
Size
154KB
-
Sample
240627-vdghzssgmj
-
MD5
16c1c6882a1d03cfa65d0fa8892263f3
-
SHA1
f077bd9681cfa3df3b444c1a057f1ae98ec69ed0
-
SHA256
8b0fb915fbcc9407701745fa2f714b5a9ee8882d1dfbbc57a9b0cf465020daf9
-
SHA512
29fb5c3f191de95b09787965c911e86ef20b22d361a28fb0b9689df68bdaf1456602cb51cbd1f6e3f5e0168ba523ed4729197e59ad52efe248fd5c032c8f2e7e
-
SSDEEP
1536:+z04fH/VM+zPG66tyi3JegBzVHrU16oZ43Bmr21DZ7suwSz1Vn/1T38UWwMFPV:G04fHnzP4NegDUMoZ2w21NlVtT3B8PV
Static task
static1
Behavioral task
behavioral1
Sample
16c1c6882a1d03cfa65d0fa8892263f3_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
pony
http://sam-latrilogie.com:8080/pony/gate.php
http://loceanic.fr:8080/pony/gate.php
-
payload_url
http://udveksling.cadesignform.dk/exFX.exe
http://ic-consultores.com.ar/hccg.exe
http://www.interclubrj.com.br/rwekTWLL.exe
Targets
-
-
Target
16c1c6882a1d03cfa65d0fa8892263f3_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-