Behavioral task
behavioral1
Sample
JaffaCakes118_078d764cd73b186ec652966e2290ba17.exe
Resource
win10v2004-20250502-en
General
-
Target
JaffaCakes118_078d764cd73b186ec652966e2290ba17
-
Size
2.6MB
-
MD5
078d764cd73b186ec652966e2290ba17
-
SHA1
b6f99446ba35807de29837f5f76e6b03f3bdf888
-
SHA256
ac0b946b4eca471a993c20313831a145581512c86abe1bc287c6aeb4dd326492
-
SHA512
8cfa668765d51ce3eea9299aab414f86ba781afb45097cdb50c5415dc064feee3d29d146ea3a144d7e2d4f685c841d73b4eed0c6ff2728747fcde4b9e262ee13
-
SSDEEP
49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrll:86SIROiFJiwp0xlrll
Malware Config
Extracted
pony
http://don.service-master.eu/gate.php
-
payload_url
http://don.service-master.eu/shit.exe
Signatures
-
Pony family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_078d764cd73b186ec652966e2290ba17
Files
-
JaffaCakes118_078d764cd73b186ec652966e2290ba17.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ