General
-
Target
2a10a6e344a768342d4cf2b7d7370c01_JaffaCakes118
-
Size
147KB
-
Sample
240707-2vcdxssenb
-
MD5
2a10a6e344a768342d4cf2b7d7370c01
-
SHA1
5bf7958ca3714f9f8913ee79084ba48e9ad390d0
-
SHA256
800125d60e2795c14e394f64a88c832037032e400eafd2852a6f2ecc9ad0a138
-
SHA512
c2de1e2c21bce90be5cd1ff6929ddb7d1b1c379cbda6ee4d4dbfaa32e0605d3348e7cff41287bbb17fe3835fca7f70014a539e5a29b5ba6f45623c1fd299167f
-
SSDEEP
3072:bK7ri1baqasmJN/CcfZX3CrU/W0MQXOoTRieQfh:0ikzsmJMOZXC0MQXOgceUh
Static task
static1
Behavioral task
behavioral1
Sample
2a10a6e344a768342d4cf2b7d7370c01_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
pony
http://91.121.93.178:8080/pony/gate.php
http://aurianedamez.fr:8080/pony/gate.php
-
payload_url
http://tanti.in/rXNpY.exe
http://colmo.cz/QEA.exe
Targets
-
-
Target
2a10a6e344a768342d4cf2b7d7370c01_JaffaCakes118
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-