General
-
Target
6d7accb9618f1bf784cfc3c3bd0efeae_JaffaCakes118
-
Size
88KB
-
Sample
240730-b3eadawblc
-
MD5
6d7accb9618f1bf784cfc3c3bd0efeae
-
SHA1
2aab5c4a8ead10d6343cc140a981f83cdbee77ba
-
SHA256
ce9ae2916e9eed030f3524a6fd3c7041f9780550b2f8206d9f3a7bedd576de08
-
SHA512
0b1034133eb7ad2bb594ac4f240b436065b99499a6a9505f66b5a44b704d2472be38fc9dfa8fcfb01fe6bb1468f8951351c07d146a679bfc6e5d66ba63013f87
-
SSDEEP
1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEI2VkzZ3:9dOy+ubiDBzv+1H4OgYEIv3
Behavioral task
behavioral1
Sample
6d7accb9618f1bf784cfc3c3bd0efeae_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
6d7accb9618f1bf784cfc3c3bd0efeae_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
pony
Targets
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-