General
Target: 66e42e0170c16bf3d53040d394359571_JaffaCakes118
Size: 1.9MB
Sample: 240522-l5ph8sbe21
MD5: 66e42e0170c16bf3d53040d394359571
SHA1: ac9acbf46eca7961cc4f5989c764ca6966f707ee
SHA256: 4b6feb4eb9f9828cd5786368b0ad23fafd05a9cef62a9bbcfeebaf744bc3bf1b
SHA512: 56947e488578a8da1a5ee92b951aa34b48e3d1951fc1ae7a80f145349413711e7bf6c8591ef68d8addf7f2dcdd83ac3ebb9999a005b85637859cdfb4ad02e905
SSDEEP: 24576:0UzNkyrbtjbGixCOPKH2I1iIWILtfOIJ+HKodCHPC0cF3u7P1+eWQ8f/x52vHNZ+:0UzeyQMS4DqodCnoe+iitjWww6
Behavioral task: behavioral1
Sample: 66e42e0170c16bf3d53040d394359571_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 66e42e0170c16bf3d53040d394359571_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
pony
http://don.service-master.eu/gate.php
payload_url: http://don.service-master.eu/shit.exe
Targets
Target: 66e42e0170c16bf3d53040d394359571_JaffaCakes118
Score: 7/10
Drops startup file
Suspicious use of SetThreadContext