General
-
Target
226121a7970c4f1a224f92cfdde13920_JaffaCakes118
-
Size
88KB
-
Sample
240728-zc5awatajm
-
MD5
226121a7970c4f1a224f92cfdde13920
-
SHA1
ae91ddecbc12e6a0e3f513ccc008b77e160a8900
-
SHA256
1a4fc8a3c5effad2d633523825ebbd09443d28798e655960f7b5dabefa525e0c
-
SHA512
765ea70c500092d66686757b274b3f8cffd42bac53e61cee168682cc9f4176941cece03fb5b689f51b632f24b3b8ee56d2ca630abeb28f00d7416853f4eea813
-
SSDEEP
1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEIPkzZ3:9dOy+ubiDBzv+1H4OgYEIg3
Behavioral task
behavioral1
Sample
226121a7970c4f1a224f92cfdde13920_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
226121a7970c4f1a224f92cfdde13920_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
pony
Targets
Target
226121a7970c4f1a224f92cfdde13920_JaffaCakes118
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious access to, or copying of, the web browser credential store.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steals credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-