General
Target
17ba38cf9abf912e4717435a7af4e1e7_JaffaCakes118
Size
91KB
Sample
240627-162yaawgrn
MD5
17ba38cf9abf912e4717435a7af4e1e7
SHA1
1b36c45cc3dbbb2cdaa2b2da57d7f73b7bff6541
SHA256
9c504d6427c9483ce6e52a2e1f08ccc167bb001755360dd8f7ccc780cc094011
SHA512
32b976f7137e9daf30ef3ddc37c0db7bc66a54b96ed3f6e4d8d8b051ec25bf02260621dcc637226a94a1ce0d3af8192ac34761bbb149299cb3c3ccc66a1afbe5
SSDEEP
1536:fCLO5pIFRsBm7G2tUjHU0xY3dy2WUPysuLFpXsGb4n3dlHELqQgGS8nQc+:fT5pPf2oDyGhsuFpcKW/HqLQc+
Static task
static1
Behavioral task
behavioral1
Sample
17ba38cf9abf912e4717435a7af4e1e7_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
pony
http://infovega.lt:8080/ponychin/gate.php
http://subdatapro.com:8008/ponychin/gate.php
payload_url
http://www.computer-bedrich.cz/iXT6C.exe
http://galeriamovimento.com.br/mKTgpgr.exe
http://wapclub.biz/Z7av.exe
Targets
Target
17ba38cf9abf912e4717435a7af4e1e7_JaffaCakes118
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.