General
Target: fb88de5ac63557578e90a3646474afe3_JaffaCakes118
Size: 127KB
Sample: 240420-a2ezvacf4t
MD5: fb88de5ac63557578e90a3646474afe3
SHA1: d6e414421d3fc8a6a5ed23bd5a76c31e13f7370b
SHA256: b883030925c862fa1cd52ee027d113fd515072e49d71e62eb4e4dfb1b7cb877c
SHA512: 949c7136aab0558ef54558a541abd31c696d4e39e8c4d37e19395bf5f955b4cfbacde13bfc24bc5406900ae8d4602cd5ff83864a3671188ae1f1cdc08b0418a6
SSDEEP: 1536:q+MlClZrnsDFBZ86QqAIfYFiv1zwsv3aYv9SIIlysxPg8kSXVlmEEl9ba46H0XKj:7lZYG6QHe10ZYv/sCJl9b2H0XKdV
Static task: static1
Behavioral task: behavioral1
Sample: fb88de5ac63557578e90a3646474afe3_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fb88de5ac63557578e90a3646474afe3_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
pony
http://108.166.65.182:8080/pony/gate.php
http://aloucakbileti.com:8080/pony/gate.php
payload_url
http://irelands-escorts.com/D5QDyxF9.exe
http://free-auto-insurance-quotes-online.info/5Fqm.exe
http://trinidis.com/AHvZzZTZ.exe
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.