General
-
Target
fa98feb741d37269abc9b78667c21c3f_JaffaCakes118
-
Size
172KB
-
Sample
240419-st63gafg62
-
MD5
fa98feb741d37269abc9b78667c21c3f
-
SHA1
1c3b209ea8597434fa786425a49fc8ec04a76378
-
SHA256
1b68d0afeacdfa23f88dd50f5429e3a8b47e9c62d5d9879688a20ffb1c6a1edc
-
SHA512
3492549910f35217277e25519d7a67a3ab6fd23cf66c8e93da0ea59a904cd0ed3e2aa1de2d95222dec357cb0208f5b4a95cd1bd70710d38a740e66b4619b1336
-
SSDEEP
3072:5pXwPTzE7/CeZaK0/wjuUbykF3DaW3EXCUsKwe6:Q7ITCIaDwqSpFzaMEXtsKU
Static task
static1
Behavioral task
behavioral1
Sample
fa98feb741d37269abc9b78667c21c3f_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fa98feb741d37269abc9b78667c21c3f_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
pony
http://108.166.65.182:8080/pony/gate.php
http://50.116.60.97/pony/gate.php
-
payload_url
http://liliyot.co.il/6KKg1gjp.exe
http://parapunov.com/F4nzCV.exe
Targets
-
-
Target
fa98feb741d37269abc9b78667c21c3f_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-