General
-
Target
168a09ef2c7cb4369d3c2c2a3bc49990_JaffaCakes118
-
Size
160KB
-
Sample
240627-szk27azfpn
-
MD5
168a09ef2c7cb4369d3c2c2a3bc49990
-
SHA1
eba113b11e1a929c32f7b8f0c0c9cb74bb875e67
-
SHA256
bc0104581ed3fbe7476daf10252c41989147ad725652d6e6a65f0b9f952f4bbf
-
SHA512
2489bc41cea540a01815eb54ccdd47ae95362ea75ac3fd59422b8d8c3e4722ab42711ef29f103db5a64407b0c8d14447e21e2ac33eb7daa42e3ff8101cc94087
-
SSDEEP
1536:/X+g615xhCMVq781ov57h9fhXhuetpRkpvnCUQIetcABzuAk/E+ikdVsx7EAK3:/a5xtVc57vtpRSCsqcmkT2wAK3
Static task
static1
Behavioral task
behavioral1
Sample
168a09ef2c7cb4369d3c2c2a3bc49990_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
168a09ef2c7cb4369d3c2c2a3bc49990_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://72.37.220.10:8080/pony/gate.php
http://216.52.143.121/pony/gate.php
-
payload_url
http://204.3.31.186/7M0pxn.exe
http://198.106.90.79/ykGNga.exe
http://www.plascombritadores.com.br/uKd.exe
Targets
-
-
Target
168a09ef2c7cb4369d3c2c2a3bc49990_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-