General
-
Target
2982a0a7a701496c8eb1ec35218f50e0_JaffaCakes118
-
Size
97KB
-
Sample
240706-2x8vxawbqp
-
MD5
2982a0a7a701496c8eb1ec35218f50e0
-
SHA1
10f74bcba51382b2b8e9c3f268e8d2be26993ac7
-
SHA256
63d7be1d018c68f0652b7ce686dca25c9573b2809ba074133ab14fbe20c5b647
-
SHA512
9b55362bfe9eab9aefebcf051a638a5a269e2b47f2a6f6ce3787ff9fc9703d256f87906daf6019892bd9cc729d2715d29af444e1e11826f03baf07057a59e6ec
-
SSDEEP
1536:pz50v6Z87SPl+uruDB48a8evLA94W1KS0y7MFrynenYeIokNihWAky4Az+bKY+:h2ZWuDB48aJvsbBvYyneeokIEA+j+
Static task
static1
Behavioral task
behavioral1
Sample
2982a0a7a701496c8eb1ec35218f50e0_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2982a0a7a701496c8eb1ec35218f50e0_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
pony
http://50.57.121.196:8080/pony/gate.php
http://bam.com.es:8383/pony/gate.php
-
payload_url
http://victoriainnocenti.com.ar/MdyTpVeN.exe
http://floridawestinsurance.com/XyRu.exe
http://newtechusa.net/tjtXi.exe
Targets
-
-
Target
2982a0a7a701496c8eb1ec35218f50e0_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-