General
-
Target
e3d5a0a8beb224b57c5fb6982345dc4a_JaffaCakes118
-
Size
107KB
-
Sample
240407-cr474aba59
-
MD5
e3d5a0a8beb224b57c5fb6982345dc4a
-
SHA1
d3bd5840feb7e002ec3d18ccd3fc09dd0393345d
-
SHA256
11c3b1431cbae8cafff13240998eefe35fce54dfeed723ade559fbe84a717f55
-
SHA512
60f3b49ab86cc3ce83e15b816f6b84722b32c903e048fb3591fe2d0dec271b59a58b77f0c6be4b1927ca387fd2ed3a8b2fe63ee1d710fcb47038d97dadc46fd4
-
SSDEEP
3072:lFea5aeNYCRzyf4n6LUTbca7CoxYO6UzBOs1L:15HTRzy86IT6OHzf
Static task
static1
Behavioral task
behavioral1
Sample
e3d5a0a8beb224b57c5fb6982345dc4a_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
pony
http://91.121.84.204:8080/pony/gate.php
http://91.121.93.178:8080/pony/gate.php
-
payload_url
http://power-tec.sk/D8aoPu86/XPVqAGE.exe
http://valuemerge.com/aXS0mRNT/KXj.exe
http://eleanorforhire.com.au/CWWrvcPe/nxp62Wk.exe
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.