General
Target: 5d6e41f07635fcad50b5ba2417d3f5e0_JaffaCakes118
Size: 88KB
Sample: 240729-y1b4kasgla
MD5: 5d6e41f07635fcad50b5ba2417d3f5e0
SHA1: fe13f9bff3f616c20a9c12e9c0cae2f6092bdfe4
SHA256: a0a964b2c9002692a43d2687399bcc2cf5316b7f4eda21d4ed0335fcf785dc77
SHA512: 5ab6ef7db9a8a155c26cd2ed6f775fb46badec4fa8b4ec9bb20ff9464b626749f673537a64423f0357183c28d5795f6560308149c6181593c78425a160f60c1b
SSDEEP: 1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEIBkzZ3:9dOy+ubiDBzv+1H4OgYEIq3
Behavioral task: behavioral1
Sample: 5d6e41f07635fcad50b5ba2417d3f5e0_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 5d6e41f07635fcad50b5ba2417d3f5e0_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Extracted: pony
Targets
Target: 5d6e41f07635fcad50b5ba2417d3f5e0_JaffaCakes118
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious access to or copy of the web browser credential store.
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
- Deletes itself
- Unsecured Credentials: Credentials In Files
  Steals credentials from unsecured files.
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.