General
-
Target
f940348137554b5bf6033340b436b0b6_JaffaCakes118
-
Size
120KB
-
Sample
241217-3k6qfstpgp
-
MD5
f940348137554b5bf6033340b436b0b6
-
SHA1
d102243cef60fc54ac7ef885c3da25a77ac2a002
-
SHA256
041c4eabac45901fd0668c3c71ef3b70a46d9c1a59a82994806e46ce132ed76a
-
SHA512
1c01ab82187bf1f1fd3877dafbf44874320cd550bb8667bb752ad1743f9eb7354cdddfc497878b0855fca5eed822c258d4284083a65812fc682bacb4706bd931
-
SSDEEP
3072:VhA7D415MQ7ynY/4y2Co6bIOgFFW+CLJhDQEB1zarS:PB7MQym4BCosIOgFo+CLvDp7QS
Static task
static1
Behavioral task
behavioral1
Sample
f940348137554b5bf6033340b436b0b6_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
f940348137554b5bf6033340b436b0b6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
pony
http://nursenextdoor.com:443/forum/viewtopic.php
http://dreamonseniorswish.org:443/forum/viewtopic.php
http://prospexleads.com:8080/forum/viewtopic.php
http://phonebillssuck.com:8080/forum/viewtopic.php
-
payload_url
http://atlas247.com/aetNy.exe
http://listinopainting.com/c8BHUBf.exe
http://lemuelacosta.com/MZQB.exe
http://www.srlgeus.it/0zhtDRem.exe
Targets
-
Target
f940348137554b5bf6033340b436b0b6_JaffaCakes118
-
Pony family
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-