General
-
Target
59a7c92746808063cef23487b7978853_JaffaCakes118
-
Size
91KB
-
Sample
240729-xkpjaavbpl
-
MD5
59a7c92746808063cef23487b7978853
-
SHA1
d9fed1fb3672976dce3e1c277e9333ec4496edcc
-
SHA256
67fe17a7cfd78582017463b7a82f288e861027797279572b1eb047bf32986f20
-
SHA512
eec7fce6e878dd308351ddfc1aeeed0301e5198781f4040f8f7ebfe609c6f6aab27a1ebe8f562046c1dd96fa46093d01b9a49612fbe310041c9fd9860cddc870
-
SSDEEP
1536:wSv9e7gumqToINZSRP+FP/bJXzrpSO58BDPy7htpFREbOQMpeTvXEwokzm+t:9Pun4P+1JXzrpSHby7ObOvkEwUC
Behavioral task
behavioral1
Sample
59a7c92746808063cef23487b7978853_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
59a7c92746808063cef23487b7978853_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
pony
c2
http://www.awdoh-cpa.com:8080/forum/viewtopic.php
http://195.225.168.127:8080/forum/viewtopic.php
http://tracciatoecm.it:8080/forum/viewtopic.php
http://209.114.32.36:8080/forum/viewtopic.php
-
payload_url
http://sjr-offenbach.de/6HAt3sXp.exe
http://www.hutwaltraud.de/GpWX8yo.exe
http://industrial.uc-se.com/f8mg.exe
http://www.bvb-auguren.de/kang.exe
http://krischker.boxler-online.de/wsTEBf1.exe
http://scored202.org/Dia0h.exe
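The ten URLs above are the actionable part of this report. The following Python is an added example, not part of the Triage report and not Pony tooling: it splits the extracted config into host/port/path indicators, emits a Suricata rule per indicator, and scans proxy-log lines for contact with the C2 gates or payload hosts. The log lines and their format (timestamp, client, method, URL, status) are constructed for the example. It also generalizes beyond the four listed gates: every gate in this config is an HTTP POST target on port 8080 at /forum/viewtopic.php, so a POST to that port and path on an unknown host is reported as a low-confidence "c2-pattern" hit; that Pony uploads stolen credentials by HTTP POST is general knowledge of the family, not something stated in the report.

```python
"""Added example, not part of the Triage report or of any Pony tooling:
turn the extracted Pony configuration into network indicators and scan
constructed proxy-log lines for contact with the C2 gates or payload hosts."""
import re
from urllib.parse import urlsplit

# Copied verbatim from the extracted config on this page.
PONY_C2 = [
    "http://www.awdoh-cpa.com:8080/forum/viewtopic.php",
    "http://195.225.168.127:8080/forum/viewtopic.php",
    "http://tracciatoecm.it:8080/forum/viewtopic.php",
    "http://209.114.32.36:8080/forum/viewtopic.php",
]
PONY_PAYLOAD_URLS = [
    "http://sjr-offenbach.de/6HAt3sXp.exe",
    "http://www.hutwaltraud.de/GpWX8yo.exe",
    "http://industrial.uc-se.com/f8mg.exe",
    "http://www.bvb-auguren.de/kang.exe",
    "http://krischker.boxler-online.de/wsTEBf1.exe",
    "http://scored202.org/Dia0h.exe",
]


def to_indicator(url, kind):
    """Split one config URL into the fields a proxy log or IDS can match on."""
    p = urlsplit(url)
    return {"kind": kind, "url": url, "host": p.hostname,
            "port": p.port or 80, "path": p.path}


def build_indicators():
    """All ten URLs, labelled 'c2' (credential upload gate) or 'payload'."""
    return ([to_indicator(u, "c2") for u in PONY_C2]
            + [to_indicator(u, "payload") for u in PONY_PAYLOAD_URLS])


def suricata_rule(ind, sid):
    """Suricata rule on the exact host + URI of one indicator."""
    return ('alert http any any -> any any (msg:"Pony {kind} {host}"; '
            'http.host; content:"{host}"; http.uri; content:"{path}"; '
            'classtype:trojan-activity; sid:{sid}; rev:1;)').format(sid=sid, **ind)


# Constructed proxy-log lines (not from the sandbox run):
#   timestamp client method url status
SAMPLE_LOG = """\
2024-07-29T14:03:11Z 10.0.0.15 POST http://195.225.168.127:8080/forum/viewtopic.php 200
2024-07-29T14:03:12Z 10.0.0.15 GET http://www.hutwaltraud.de/GpWX8yo.exe 200
2024-07-29T14:03:40Z 10.0.0.22 POST http://198.51.100.7:8080/forum/viewtopic.php 200
2024-07-29T14:04:02Z 10.0.0.15 GET http://www.example.com/forum/viewtopic.php 200
2024-07-29T14:05:00Z 10.0.0.31 GET http://tracciatoecm.it/ 200
"""
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) "
                    r"(?P<url>\S+) (?P<status>\d{3})$")


def classify(method, url, by_host, c2_paths):
    """Return a verdict for one request, or None if it matches nothing.

    A known host is a hit even on another port or path (medium confidence).
    A POST to port 8080 with a known gate path on an unknown host is a low
    confidence 'c2-pattern': Pony uploads stolen credentials with an HTTP POST
    to its gate (general Pony behaviour, not stated in the report above), and
    every gate in this config shares that port and path.
    """
    p = urlsplit(url)
    host, port, path = p.hostname, p.port or 80, p.path
    if host in by_host:
        ind = by_host[host]
        exact = port == ind["port"] and path == ind["path"]
        return {"verdict": ind["kind"],
                "confidence": "high" if exact else "medium",
                "indicator": ind["url"]}
    if method == "POST" and port == 8080 and path in c2_paths:
        return {"verdict": "c2-pattern", "confidence": "low",
                "indicator": f"POST :{port}{path}"}
    return None


def scan_log(text, indicators=None):
    """Scan proxy-log text; return one dict per matching line."""
    indicators = indicators or build_indicators()
    by_host = {i["host"]: i for i in indicators}
    c2_paths = {i["path"] for i in indicators if i["kind"] == "c2"}
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip anything not in the expected format
        verdict = classify(m["method"], m["url"], by_host, c2_paths)
        if verdict:
            hits.append({**m.groupdict(), **verdict})
    return hits


if __name__ == "__main__":
    for n, ind in enumerate(build_indicators(), start=9000001):
        print(suricata_rule(ind, n))
    for h in scan_log(SAMPLE_LOG):
        print(h["ts"], h["client"], h["verdict"], h["confidence"], h["indicator"])
```

On the constructed log the scan reports the first line as a high-confidence C2 hit, the second as a payload download, the third as a pattern-only hit (unknown host, same POST/port/path), and the last as a medium-confidence hit because a known C2 host is contacted on a different port and path; the GET to example.com is ignored. Treat the pattern hit as a hunt lead rather than a block decision, since /forum/viewtopic.php is also a legitimate phpBB path.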
Targets
-
Target
59a7c92746808063cef23487b7978853_JaffaCakes118
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious access to, or copying of, the web browser credential store.
-
Unsecured Credentials: Credentials In Files
Steals credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node counterpart) to enumerate the software installed on the system.
-
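The last signature is the one that is easiest to reproduce without running the sample: the Uninstall key is plain registry data, and an analyst can see exactly what the malware inventories by parsing an export of it. The Python below is an added example, not part of the Triage report: it parses the Windows .reg export format (key headers in brackets, quoted string values, dword values, backslash escapes) and lists the entries a program enumerating that key would see. The export text is constructed for the example; a real export comes from `reg export` and is UTF-16LE, which the caller would decode first. Entries with SystemComponent set to 1 are hidden from Programs and Features and are flagged rather than dropped, since nothing in the report says the malware filters them.

```python
"""Added example, not part of the Triage report: parse a .reg export of the
Uninstall key to show the software inventory the malware enumerates."""
import re

# Constructed .reg export (not from the sandbox run).  A real one comes from
#   reg export "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" u.reg
# and is UTF-16LE text; this string stands in for the decoded content.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90140000-0011-0000-0000-0000000FF1CE}]
"DisplayName"="Microsoft Office Professional Plus 2010"
"DisplayVersion"="14.0.7015.1000"
"Publisher"="Microsoft Corporation"
"InstallLocation"="C:\\Program Files\\Microsoft Office\\"
"SystemComponent"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 128.0 (x64 en-US)]
"DisplayName"="Mozilla Firefox (x64 en-US)"
"DisplayVersion"="128.0"
"Publisher"="Mozilla"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB5000000]
"DisplayName"="Security Update (KB5000000)"
"SystemComponent"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ESET]
"DisplayName"="ESET Endpoint Antivirus"
"DisplayVersion"="11.0.2044.0"
"Publisher"="ESET, spol. s r.o."
"""

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"=(?P<data>.*)$')


def unescape(s):
    """Undo .reg string escapes: \\\\ -> \\ and \\" -> \"."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_data(raw):
    """Decode REG_SZ and REG_DWORD; other types (hex:...) are left as text."""
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return unescape(raw[1:-1])
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    return raw


def parse_reg(text):
    """Return {key path: {value name: decoded data}} for a .reg export.

    Single-line values only; multi-line hex continuations (lines ending in a
    backslash) are not joined, which is fine for the string values used here.
    """
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m["key"], {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current[unescape(m["name"])] = parse_data(m["data"])
    return keys


def installed_software(text):
    """Entries a process enumerating the Uninstall key sees as programs.

    A subkey counts when it carries a DisplayName; SystemComponent=1 marks
    entries hidden from Programs and Features and is reported as 'hidden'.
    """
    apps = []
    for key, values in parse_reg(text).items():
        if "\\Uninstall\\" not in key or "DisplayName" not in values:
            continue
        apps.append({
            "subkey": key.rsplit("\\", 1)[1],
            "name": values["DisplayName"],
            "version": values.get("DisplayVersion", ""),
            "publisher": values.get("Publisher", ""),
            "hidden": values.get("SystemComponent") == 1,
        })
    return apps


if __name__ == "__main__":
    for app in installed_software(SAMPLE_REG):
        flag = " (hidden)" if app["hidden"] else ""
        print(f'{app["name"]} {app["version"]} [{app["publisher"]}]{flag}')
```

Seen from the operator's side, the inventory answers the questions the other signatures on this page depend on: which browsers and mail clients are present to steal from, and which security product is installed.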