General
-
Target
1848353afd6a5f6cb7f80cc6a5cf88b3_JaffaCakes118
-
Size
144KB
-
Sample
240628-bsztbswcpk
-
MD5
1848353afd6a5f6cb7f80cc6a5cf88b3
-
SHA1
762ec4fd1d04ab5e8d461dc981f5292ddc812748
-
SHA256
d4a6dfe5a3f06b967cd2e30da6b8a2c63c09a123f95ba94967e79a38d6442137
-
SHA512
eccd9aa075b83ea502714cb3791ec6c1672e746f7262fcd49f17e354b794b44a9b8f8d2210d8e2d9edc1e9c4e605d99a6a6eb8054c19924d1a3f088b169368c7
-
SSDEEP
3072:pLLCrFC44CcC6tArw/KLkuZBN9ePlQ+GZPc/dDX:AkCc7/IkuZB7edfh/9
Static task
static1
Behavioral task
behavioral1
Sample
1848353afd6a5f6cb7f80cc6a5cf88b3_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
pony
http://www.alberghi.com:8080/pony/gate.php
http://buyandsmile.atomclick.co:8080/pony/gate.php
-
payload_url
http://seooptimizacija.lt/25Gtbkom/J6rZLPSs.exe
http://ftp.intervene.com.br/in2y208u/atv.exe
http://gecelereakalim.com/tmXZ0JgG/cTn.exe
Targets
-
-
Target
1848353afd6a5f6cb7f80cc6a5cf88b3_JaffaCakes118
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-