General
-
Target
2237270910942539a218f7845ddbac8e_JaffaCakes118
-
Size
108KB
-
Sample
240703-nks22azfrf
-
MD5
2237270910942539a218f7845ddbac8e
-
SHA1
6e814ce87486dfa25ea1cb95c99dd682adcfe81e
-
SHA256
eaa67f4421ef8bd7d5c32f7b4c182f2c2f8673abb12a6e73ce5fe5d6c61ec50e
-
SHA512
20bfab3f133b7f8ed41bf5d601da3b45fda9f21e33b28dbd242bb666631d1e433e2ccc885f832ed96c7fd023bf6e820b1e954a36a67a9a91addfe910f0c63dd0
-
SSDEEP
3072:ZBmZfxf2XYCFduNosiBckDdixYUgNMcQDmifBPs1QE:SfmTFdu9qcyUg+coj6
Static task
static1
Behavioral task
behavioral1
Sample
2237270910942539a218f7845ddbac8e_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
pony
http://cityweddingguide.com:8080/ponychin/gate.php
http://200.72.183.54:81/ponychin/gate.php
-
payload_url
http://bnauctions.com/YZ2Y.exe
http://civilcsapat.hu/6Hy99Ub.exe
http://www.novafocus.com.br/1P7P1.exe
Targets
Target
2237270910942539a218f7845ddbac8e_JaffaCakes118
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.