General
Target: 19b8887acec1724c024303475e8d6bf1_JaffaCakes118
Size: 199KB
Sample: 240628-l2vabatcmb
MD5: 19b8887acec1724c024303475e8d6bf1
SHA1: 0a046b6da4236a02be2eab15a8d6d8f0f2f1f501
SHA256: beabbe153165126ab1ecb66b18a79fd20b656a3b054fc4d5a0d4770f9eef4907
SHA512: fd5b55875319a701a48bdc006d59f834e89cefecbdfed1adeb458bb5cb04774a803c167b9673034f0e4c427ae09aaed75c4afa3f01110b50591537119cb411ae
SSDEEP: 3072:CmEzJcc1qb9bfErog+pbFqsmuOhetzlRuTAR4/6aWUcpIxW+7ncmz:CmEmc1q9b3gw8uOujgM20UcJuncu
Static task: static1
Behavioral task: behavioral1
Sample: 19b8887acec1724c024303475e8d6bf1_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Extracted
sality
Targets
Modifies firewall policy service
Disables RegEdit via registry modification
Disables Task Manager via registry modification
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
    Windows Service: 1
Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1