General
-
Target
65510ff01e6705f785ef2979060c56d0_JaffaCakes118
-
Size
88KB
-
Sample
240729-2rvq4avbkq
-
MD5
65510ff01e6705f785ef2979060c56d0
-
SHA1
a33ee79611cca2bfe90d5a220cccc8430408a008
-
SHA256
284e279a759ebeb24243898f20b726a36e32a2fe0b9064bc8f664ec3e3f94f3c
-
SHA512
ada9ba82fb3ab1712b3298e30cb2bc7de250ef784c198bdcb48ece2da6187b848dd71b297685b36a45ccbff4c3f7fe9634c8a1fba3e9e0365d03b18d8ce33541
-
SSDEEP
1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEIckzZ3:9dOy+ubiDBzv+1H4OgYEI/3
Behavioral task
behavioral1
Sample
65510ff01e6705f785ef2979060c56d0_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
65510ff01e6705f785ef2979060c56d0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
pony
http://mon-business-a-domicile.org/default.php?cUvNEcOfgUmnpuVGcr2vytt3
http://brinkmanrolluiken.nl/default.php?SQYfBzxsG69rVTknNTsVt3qahn32w5H
http://arquitetarte.com.br/default.php?YFpSdSVxajSATv6sodQGRBkjIH3yroch
http://cvrecords.com/default.php?5HVX5gIDustjKc2EIUlGKr68USjlDnJQGy6cyz
http://w00d17d0.dd17136.kasserver.com/default.php?A7sYvE92qL8QDBUV9BXWm
Targets
-
Target
65510ff01e6705f785ef2979060c56d0_JaffaCakes118
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-