General
-
Target
16ae7e5548d9928427cc3c5b9fafc0c8_JaffaCakes118
-
Size
91KB
-
Sample
240627-twdz5szbrf
-
MD5
16ae7e5548d9928427cc3c5b9fafc0c8
-
SHA1
6e779cbf4ff0c85b2a9c511db7410dbdce15f8a9
-
SHA256
29b76a4b58827a31d051437c3c6cf8ca009324a6b99820efceb056e3466151ab
-
SHA512
55b72774c4e3a0d32f0ac5990d2c8534b81ad70c156523457c46d306b1ae6a65af9ee10cf7acfdd67cc9be6251861788feab13533bfd31e32f8e1d45b382b5b7
-
SSDEEP
1536:PtKfR5pkFf34WoZh1Oxu1GRnrdV2RZF7ph8TKbUXpQVNnHrKjgW8zrFIU4DgInQm:PtI5prj1+1GnphEKb8CgcPp8Qm
Static task
static1
Behavioral task
behavioral1
Sample
16ae7e5548d9928427cc3c5b9fafc0c8_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
pony
http://www.alberghi.com:8080/pony/gate.php
http://zelia.net:8080/pony/gate.php
-
payload_url
http://safamobilya.com/VyBxtBiT/m1KBUJXC.exe
http://www.biroform.com.mk/vibBmja6/fc0nJ.exe
http://www.z-bid-z.com/1Ypg1X1N/ZMSQW.exe
Targets
Target
16ae7e5548d9928427cc3c5b9fafc0c8_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-