General
-
Target
f82d92d386cfe20f8e3da1a835d39dd8_JaffaCakes118
-
Size
130KB
-
Sample
240418-rmv6ysfd86
-
MD5
f82d92d386cfe20f8e3da1a835d39dd8
-
SHA1
2727e729229f2d4a66e191a621a893e8980c04ee
-
SHA256
9526f836b584e69a688ad34ba37ae36500bbeb77ab91921deadc417a53d59011
-
SHA512
8197eb5f25f322abcfa90d105c833db51d08be012cbadecfc8b9c6e2fb3c3d9d9061775b8b2157f54b26f9caa03b2d64877f534fce3d1bd1ddbef397ed544ce6
-
SSDEEP
1536:8+PRP9hI4dNIN1/gzyGQnnXvWpRivOUqhjysSIClysxPg9RgXzMB3QeNrW5Gi0DA:59+4rylGQnNOUwywSO8MJvti0DKIegS
Static task
static1
Behavioral task
behavioral1
Sample
f82d92d386cfe20f8e3da1a835d39dd8_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f82d92d386cfe20f8e3da1a835d39dd8_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
pony
http://108.166.65.182:8080/pony/gate.php
http://aloucakbileti.com:8080/pony/gate.php
-
payload_url
http://irelands-escorts.com/D5QDyxF9.exe
http://guiadahora.com.br/8ZLYZor.exe
http://trinidis.com/AHvZzZTZ.exe
Targets
-
-
Target
f82d92d386cfe20f8e3da1a835d39dd8_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-