General
- Target: 19d7777529bbe93fcd230e9a4ed827c7_JaffaCakes118
- Size: 864KB
- Sample: 240628-mwtl9svgqf
- MD5: 19d7777529bbe93fcd230e9a4ed827c7
- SHA1: dcede4299ce00880894c22bf71b0265018b18b55
- SHA256: dafc735c93a0e36da435e9e83929557397452b30cead0bbd9f39bb70cfd59bf9
- SHA512: 2a077d8785ce2d1e4f83d110a602710108fc63fc19f0320dbe80a5927aad7bac08ab1bbf1a8b0ce283ef521a3f33e5ebe7d98844a656dfdcb362be65accdb850
- SSDEEP: 12288:9TzbLjIZAzNThcb/0794YMMfffHYHtf2FasQo3BvKLaTXfC1KhXmQ3jyf:BbD79PMOS+asQoMLaQL2W
Static task: static1
Behavioral task: behavioral1
- Sample: 19d7777529bbe93fcd230e9a4ed827c7_JaffaCakes118.exe
- Resource: win7-20240611-en
Behavioral task: behavioral2
- Sample: 19d7777529bbe93fcd230e9a4ed827c7_JaffaCakes118.exe
- Resource: win10v2004-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
- Target: 19d7777529bbe93fcd230e9a4ed827c7_JaffaCakes118
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Modifies Windows Firewall
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process (1)
- Windows Service (1)
- Event Triggered Execution (1)
- Netsh Helper DLL (1)
Privilege Escalation
- Abuse Elevation Control Mechanism (1)
- Bypass User Account Control (1)
- Create or Modify System Process (1)
- Windows Service (1)
- Event Triggered Execution (1)
- Netsh Helper DLL (1)