General
Target: 6bbe49ddeca93af7108f46f794ac3238_JaffaCakes118
Size: 80KB
Sample: 240730-bcmh3azcqj
MD5: 6bbe49ddeca93af7108f46f794ac3238
SHA1: e7c896a85b0dc6a8b82ba5c3c4805a53809aeeb1
SHA256: 9dce8012cd70224ce0bccd7a5ce6878021522b5aeffd37c656d0a5382c3c0723
SHA512: be5fe897e94eb131095075564c2919a635341ed32a6262dcfc7e930cf53533c191aa8b32451cdbd244e5bc90c6979438d041d851c284d39c0314f25681b2bccd
SSDEEP: 1536:Tp4oSLcDn7aj9HFEnVdbwJMvM4EmfxnzFRtkQUFdguGJCFn6dxqCGKMxlD:94oYjfGV5wJM04xRTI1GJCFn6dxqwc
Static task: static1
Behavioral task: behavioral1
Sample: 6bbe49ddeca93af7108f46f794ac3238_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 6bbe49ddeca93af7108f46f794ac3238_JaffaCakes118.exe
Resource: win10v2004-20240729-en
Malware Config
Extracted
pony
http://tecsound74.ru/wp-includes/js/crop/gate.php
Targets
-
-
Target
6bbe49ddeca93af7108f46f794ac3238_JaffaCakes118
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-