General
-
Target
004b99c7f22dae72be75009dbc37a1ed_JaffaCakes118
-
Size
2.2MB
-
Sample
240426-jhg5jabh5v
-
MD5
004b99c7f22dae72be75009dbc37a1ed
-
SHA1
65a4deebd20b9118783648d683b9b937155992b1
-
SHA256
8abda48d158a2f9f4bc46409d75f3a1da21e94254b6d58abdc1a34b15913d3d7
-
SHA512
79273b141641db85e7af24683734ee8a6dc7c0d9c3efa1e50d88a6bae6b536498f8c8a952fb13030a8d205f738f59c17641460cb4cdc50416b7c108cbc514b88
-
SSDEEP
24576:0UzNkyrbtjbGixCOPKH2I1iIWILtfOIJ+HKodCHPC0cF3u7P1+eWQ8f/x52vHNZ7:0UzeyQMS4DqodCnoe+iitjWwwP
Behavioral task
behavioral1
Sample
004b99c7f22dae72be75009dbc37a1ed_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
pony
http://don.service-master.eu/gate.php
-
payload_url
http://don.service-master.eu/shit.exe
Targets
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-