General
Target: fb02c8f6345dadc717292d50e2d2591a_JaffaCakes118
Size: 80KB
Sample: 240419-x69fksdd36
MD5: fb02c8f6345dadc717292d50e2d2591a
SHA1: 10f851bb2968f1c7adecadf871af442d0104933e
SHA256: 55bb898a26c49fc0df3a703e836d6f29daa7dc918629aece8a0c1add471eb9a2
SHA512: 126427654685e6483a5a4fa64bb239c44acaf4309caf6f60ca68d91753436155a1d4a09e55167b07e2fc0fa9c69d204c696991b5dad7675b62bced4681333e47
SSDEEP: 1536:gKUM4fAgwqTVrxitJoBg/LCyHJCEm2YMnLwTstkZmvV7h+:eMW6wKLCuJRLwTs+mvV7h

Behavioral task
behavioral1
Sample: fb02c8f6345dadc717292d50e2d2591a_JaffaCakes118.exe
Resource: win7-20240221-en

Malware Config
Extracted family: pony
Extracted URLs:
http://zinwebtrustx.in/ifr/z.php?ftp=1
http://homesoft-eq.in/ifr/z.php?ftp=1
http://netstart-cloudx.in/ifr/z.php?ftp=1
http://fastscan-evo.in/ifr/z.php?ftp=1

Targets
Target: fb02c8f6345dadc717292d50e2d2591a_JaffaCakes118

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Deletes itself

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.