General
-
Target
17c1c510e752c655b90cb3f19f48c19a_JaffaCakes118
-
Size
107KB
-
Sample
240627-2c27mavblb
-
MD5
17c1c510e752c655b90cb3f19f48c19a
-
SHA1
4f89fed8df434fe6444cc74f3f169863a2b61516
-
SHA256
9faca00f8148b1c00ced879c57f50c7f86419cf5b8c31f9cb0b39f0179edaf1e
-
SHA512
fc113460a56b9f824d33ed735d36e3b8b2fb00ce8731f07592b79c2e681b2ad99a15071a93a7bb4f73bd5b0cbc33ceea09def3001a50045adf150926a2a2695c
-
SSDEEP
3072:15cL51NVYCVd4mXNravfnzZajJxYceImBw:S5lTVd4mlMfd7cEu
Static task
static1
Behavioral task
behavioral1
Sample
17c1c510e752c655b90cb3f19f48c19a_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
17c1c510e752c655b90cb3f19f48c19a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://91.121.93.178:8080/pony/gate.php
http://aurianedamez.fr:8080/pony/gate.php
-
payload_url
http://akpinarlojistik.net/mm3eMQbz/Cmbm.exe
http://rxdrawer.com/GKdYGDUt/TSNdB9F.exe
Targets
-
-
Target
17c1c510e752c655b90cb3f19f48c19a_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-