General
-
Target
49a538882c95331195fa2f52a8420884_JaffaCakes118
-
Size
188KB
-
Sample
240715-nx9wbavdqr
-
MD5
49a538882c95331195fa2f52a8420884
-
SHA1
e2498d984eabb28a0b1f0898f1c6031aa2195558
-
SHA256
17495eff4b5033aca960850125aaa9afca91f80fe146324db613fee296d0003c
-
SHA512
86c547f12033351f952fbcfabc183290cf21721c97a09949003f64d0332f91a02a45b226a3d83dc541bc33756279becb07741df59dad206374cec47b756520f1
-
SSDEEP
3072:sRMchFx1IPpgJzVChQenVPbpdaeuLno9H30TL:sOcPx1e85ChvVzjaVLotE
Static task
static1
Behavioral task
behavioral1
Sample
49a538882c95331195fa2f52a8420884_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
pony
http://classicmodels.at:8080/forum/viewtopic.php
http://diva-code.at:8080/forum/viewtopic.php
-
payload_url
http://www.acibr.org.br/PATgKq.exe
http://ftp.sandcastlepros.com/pjZ0.exe
http://cloudfast.com.br/tjV.exe
Targets
-
-
Target
49a538882c95331195fa2f52a8420884_JaffaCakes118
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-