General
-
Target
17094cf837e4de81a7a3eea67171a9c5_JaffaCakes118
-
Size
127KB
-
Sample
240627-w1hv1awdlk
-
MD5
17094cf837e4de81a7a3eea67171a9c5
-
SHA1
041fc15f1aee8f985284034b934379c078cfcad1
-
SHA256
d5053b99d4fe45b5e425c625f15c9f8b74456fff55663a09943498b5f79f9a43
-
SHA512
a922f20ade7545eb82538c63f6d4bb0a0f3823c497f783cc1723eaa41aa8cccb9cf56841bb3214b82140dbb3be77fe63a98cbe78d62d88d46c912249a87da608
-
SSDEEP
1536:j+RzHJWCvTVDiJCiKe1URmO6iP7Yys+IKPSIM0YslysxPg0cq3OebG9cTD2jc67C:eWC1GTKeWZ7YrKFM0YIy1X0d
Static task
static1
Behavioral task
behavioral1
Sample
17094cf837e4de81a7a3eea67171a9c5_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
17094cf837e4de81a7a3eea67171a9c5_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://174.140.171.147/pony/gate.php
http://69.194.196.49/pony/gate.php
-
payload_url
http://talentquest.com.mx/1MPj.exe
http://eqsync.com/48QUMsb.exe
http://zirmatech.com.br/9exoNyD3.exe
http://apostagol1.web102.f1.k8.com.br/782V.exe
Targets
Target
17094cf837e4de81a7a3eea67171a9c5_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.