General
Target: 1828043dde2dc716db61b0e3f0aaa288_JaffaCakes118
Size: 128KB
Sample: 240628-a131aa1fkd
MD5: 1828043dde2dc716db61b0e3f0aaa288
SHA1: b6a72edc4746b47246b4d4f04fe12193e212719f
SHA256: 7f3b77895c64bbee48c03befaefee8426608b74466775d659eda052cb3a9580b
SHA512: eb79f54b8cd755c1acde46ed2cb692b2e44e4a3c2d97920461423e36ec5830ac24e4d9f9d0187503d950d415a040289c697339d33060f6af70857e59a30fd66f
SSDEEP: 3072:OTgKjae+rir66ji5HndwFur+n3uhlMw6TxpeR:Oc9e4w6II91SnwMwbR
Static task: static1
Behavioral task: behavioral1
Sample: 1828043dde2dc716db61b0e3f0aaa288_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 1828043dde2dc716db61b0e3f0aaa288_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
pony
http://200.72.183.54:81/pony/gate.php
http://91.121.84.204:8080/pony/gate.php
payload_url:
http://astrum-rybka.ru/CUyfRYaU/JrhtN.exe
http://hermesdiepenbeek.be/5sGmi7RJ/ZSY.exe
http://mysophiebiz.co.cc/m2bmBf3r/q1z.exe
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.