General
-
Target
18ab3b78dfc4cdda9e5cad9075862c40_JaffaCakes118
-
Size
66KB
-
Sample
240628-ecgvcszbpf
-
MD5
18ab3b78dfc4cdda9e5cad9075862c40
-
SHA1
4bb47ce28aeec6155902af3be313017186119d32
-
SHA256
167e561cda0731765d3316a8cd27808995d18fe30404ec936d936d8bf3175070
-
SHA512
defd87b26b54bd4f757bbb1ef2ff0ad8644cf9f21d6cf7f0cca879662d29b2a0672978c227d4f3fcbdac43aecfd64d07fcb345dedeaae030a6d7a3bd60b0ad0a
-
SSDEEP
1536:ulyh53JzRSeRCroFH8l4fG49cHs5192r40fXAD:warBRZEObn92M0fm
Static task
static1
Behavioral task
behavioral1
Sample
18ab3b78dfc4cdda9e5cad9075862c40_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
pony
http://tsreuba.net/gate.php
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-