General
-
Target
8ebbcfd61291c39b260822165f03c3d7_JaffaCakes118
-
Size
174KB
-
Sample
241104-c57kdazrdw
-
MD5
8ebbcfd61291c39b260822165f03c3d7
-
SHA1
be9ab5fd791c2268becec3478030ba3172229570
-
SHA256
a2b891cd94511c3e10e91bde17431eafbcf186eafa73a228c6a784adcbdfa984
-
SHA512
5fa6b85a026e7e9271ceb0707e63e85dbd02816ab27bdcc7d64667b2d51282531a5ee85c629dbf9d634953f31d1999eed18afa2ce5479c8c7486816a2b0d61b2
-
SSDEEP
3072:EAdbC39uvTHNrcRq1rgtN3hRlWpWfuc4cSc64cSC:1O32rUq1rgt3RloWfuf5n4g
Static task
static1
Behavioral task
behavioral1
Sample
8ebbcfd61291c39b260822165f03c3d7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8ebbcfd61291c39b260822165f03c3d7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
pony
http://11.laptopvspc.com/forum/viewtopic.php
http://11.sephoracouponscode.com/forum/viewtopic.php
http://11.thyroidsymptomsproblem.com/forum/viewtopic.php
http://10.innova-call.com/forum/viewtopic.php
-
payload_url
http://playersi.com/2PveFFs.exe
http://sergourmet.com.ar/jGa9.exe
Targets
-
Target
8ebbcfd61291c39b260822165f03c3d7_JaffaCakes118
-
Pony family
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-