General
Target: fe79f87e6bcb02fc7811499988326be8_JaffaCakes118
Size: 107KB
Sample: 240421-fh1ebsca5y
MD5: fe79f87e6bcb02fc7811499988326be8
SHA1: 82309ce8036e1ec43f9a19fb399a1b222a27c37c
SHA256: 14850481562768aa32df253c719dfb0df485ed5072ce6fe6499317b6c1e1211c
SHA512: 01922c2aad03130dc2b7ff91480696dbd8ec5de9a2c9ccbb7401aa7ae78b21669b2c44e6c1248b82220758855c0b57eb9e12e691a36c1fa9853c7cc33290b52b
SSDEEP: 3072:GBmZfxf2XYCFduNosiBck1dixYU/NMcQDmifBIs15:ZfmTFdu9qcEU/+cojH
Static task: static1
Behavioral task: behavioral1
Sample: fe79f87e6bcb02fc7811499988326be8_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
pony
http://91.121.84.204:8080/ponychin/gate.php
http://91.121.93.178:8080/ponychin/gate.php
payload_url
http://1clickloansusa.com/1KX.exe
http://civilcsapat.hu/6Hy99Ub.exe
http://rt-ingenieria.com.ar/otHGG9S.exe
Targets
Target
fe79f87e6bcb02fc7811499988326be8_JaffaCakes118
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.