General
-
Target
22f7d3ee12ca459f066be20fe845b0e0_JaffaCakes118
-
Size
170KB
-
Sample
240703-thz1fsxgrn
-
MD5
22f7d3ee12ca459f066be20fe845b0e0
-
SHA1
50ad6d4430919597c5865b646d19e18a67edc141
-
SHA256
bf0b7c100fe4ffb36cbf87982b11e2f5443848155a8fff742af630a3a33491be
-
SHA512
0628ae11ede55242755cf26149b40e2f090d6de35d1fb2978235a84379ece1866fab9a2b19d62d9e27d8728f68fc6cd1f057f51af41e086f7a5df871b9545e00
-
SSDEEP
3072:Eu5/wv7pM/3wbnFHdWs4eUI32xk5z4IzracvKHYeq:vZK1MYbF9RJXmxuz11KI
Static task
static1
Behavioral task
behavioral1
Sample
22f7d3ee12ca459f066be20fe845b0e0_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
22f7d3ee12ca459f066be20fe845b0e0_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
pony
http://178.77.99.145:8080/pony/gate.php
http://49.156.20.209:8080/pony/gate.php
-
payload_url
http://borbo.net/YBbsQ5wB.exe
http://66.216.91.242/2YtKjEo.exe
http://misterm.at/Cttr.exe
Targets
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-