General
Target: fccacf30e6cbe24c44f9174fef8768db_JaffaCakes118
Size: 119KB
Sample: 240420-pxbtysgh94
MD5: fccacf30e6cbe24c44f9174fef8768db
SHA1: 5a263dc59b4d5457897e93253c35fb265a16b818
SHA256: c11371d469895fc561de8e5807557bc8ddfb932372e5af273b416b13ce574f85
SHA512: b3bfe18328667da4724c0bd6632ab3f316bb21176745ad81e994436b9c0ed19fde71024b0c51d5d0777697dffa295857ef696e115a992e7e62fda9e331bd0a72
SSDEEP: 1536:qu3dV+R8oNhPURWbTd1gW1gSxDlNM1FDY5eCKacPm5qitGt43qL5I2yNaLGBGXem:jPfgbh1gW1rxBIxJZPmJGt43qLgSem
Static task: static1
Behavioral task: behavioral1
Sample: fccacf30e6cbe24c44f9174fef8768db_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fccacf30e6cbe24c44f9174fef8768db_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
pony
http://nazarian.pl:8080/pony/gate.php
http://pbx.pc0.ru:8080/pony/gate.php
payload_url: http://66.216.91.242/2YtKjEo.exe
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.