General
-
Target
e83af09e7f56e037a2221633e956a041_JaffaCakes118
-
Size
126KB
-
Sample
240918-dw7pfs1bnk
-
MD5
e83af09e7f56e037a2221633e956a041
-
SHA1
a4f0227cc66f20a4e62aabbc0c75f7bbaa0713ba
-
SHA256
88a540af6f363841400eb924ec6e09d6b9e034fe9f7aeea4749d68951768df74
-
SHA512
c515e51fda737c815f0fe425bdba8071b614f81721ad2c5676ae1f85f27a94abb1be35033ee5c03908f9e690f6c146a8cad4fd722fb02c04bafe72b671e2d9aa
-
SSDEEP
1536:hLpmst1IypB7rlr9TeBxmdOsW5QnbVapCgXUFwieapTcS2NsJWTrkye5aSO/CvCq:znIAt51eBxmdu+papNwwiDchkWPOsBA
Static task
static1
Behavioral task
behavioral1
Sample
e83af09e7f56e037a2221633e956a041_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
pony
http://200.72.183.54:81/pony/gate.php
http://91.121.84.204:8080/pony/gate.php
-
payload_url
http://proyectoindio.org/7Qo.exe
http://astronomika.com/493.exe
http://12am.ro/0iZDFn1.exe
Targets
-
-
Target
e83af09e7f56e037a2221633e956a041_JaffaCakes118
-
Size
126KB
-
MD5
e83af09e7f56e037a2221633e956a041
-
SHA1
a4f0227cc66f20a4e62aabbc0c75f7bbaa0713ba
-
SHA256
88a540af6f363841400eb924ec6e09d6b9e034fe9f7aeea4749d68951768df74
-
SHA512
c515e51fda737c815f0fe425bdba8071b614f81721ad2c5676ae1f85f27a94abb1be35033ee5c03908f9e690f6c146a8cad4fd722fb02c04bafe72b671e2d9aa
-
SSDEEP
1536:hLpmst1IypB7rlr9TeBxmdOsW5QnbVapCgXUFwieapTcS2NsJWTrkye5aSO/CvCq:znIAt51eBxmdu+papNwwiDchkWPOsBA
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-