General
-
Target
24f0969add78ed9477b6708fb340b6f8_JaffaCakes118
-
Size
97KB
-
Sample
240704-g7thraydjj
-
MD5
24f0969add78ed9477b6708fb340b6f8
-
SHA1
e3c0b234d7c7b085795e4fe87c1163660a7163ca
-
SHA256
b34708c0edb7616df3f974874697c78bfba9f97ee887d5cfab2d03ff40466c88
-
SHA512
837198b1992262a5b4e4a9c90ba28a1617f2204b1663179f581d27da11910992f9ab6a845258b184253205beb0058229355f7bf005d0bf7f32bff6b89ad0713a
-
SSDEEP
1536:Pz5hyfzMbD6HJbIXsJ1jEH8a61pjnG5P5Seeo41nenYevCn3e3PV6ioyK//:rtHcoa1jEHR67C5Z41nehC3eMioZ/
Static task
static1
Behavioral task
behavioral1
Sample
24f0969add78ed9477b6708fb340b6f8_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
24f0969add78ed9477b6708fb340b6f8_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
pony
http://50.57.121.196:8080/pony/gate.php
http://bam.com.es:8383/pony/gate.php
-
payload_url
http://www.sursoftware.com.ar/WCwDHMYw.exe
Targets
Target
24f0969add78ed9477b6708fb340b6f8_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-