General
-
Target
25d7869a54cd41fe0b374b3a022be2e5_JaffaCakes118
-
Size
107KB
-
Sample
240704-xc4cgashlm
-
MD5
25d7869a54cd41fe0b374b3a022be2e5
-
SHA1
717a862b2186fe092ed1f1ed16682cccad328e51
-
SHA256
1e5efe1f15c494c76fcf69b0c08c4e050a42ab85684a7f9cc1631de6ec47a7c1
-
SHA512
954ed0859e69f119552fe9107d86058658612bf90578391b58427a22948b9b19762fb35a760c02c0b459368df17377621f75ed393af72371d6bf46b48f4e5eb5
-
SSDEEP
1536:sVr0qaHBd9ZCehGiRdkAskYCPRhF14f8RGxHA7QorFIqxNihtOCqM0BPJTDaMU:stOa6kA/YCP3F1ECSHAkorFHxYl7ABg
Static task
static1
Behavioral task
behavioral1
Sample
25d7869a54cd41fe0b374b3a022be2e5_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
25d7869a54cd41fe0b374b3a022be2e5_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
pony
http://91.121.84.204:8080/pony/gate.php
http://91.121.93.178:8080/pony/gate.php
-
payload_url
http://vz000500.ferozo.com/H2ra3XwM/Up3du.exe
http://clubvivid.ro/XinBb2uo/RgArA9f.exe
Targets
-
-
Target
25d7869a54cd41fe0b374b3a022be2e5_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-