General
-
Target
1a8aa62af9b15a08d02d77923c2fce81_JaffaCakes118
-
Size
168KB
-
Sample
240701-j1gxgs1ajd
-
MD5
1a8aa62af9b15a08d02d77923c2fce81
-
SHA1
6e88b873b56a23a7c8e53fef9e4ef00695caf72b
-
SHA256
b31f9e879f925d8673689b81d13d704b394e11b0a42c07b240a028e515d15b66
-
SHA512
c19f22e2b5b10e5c19031dcf97a042b7df088fa9fd3fdc67edd91106448867a409516b5232c1c94229784cfc831b72a4efcdc289d64db6d2dffa2e16a800673b
-
SSDEEP
3072:8kVD1BSqao9c3HwsanTdgyOxsP+f+D5/oOh+9oKTMEFFJIeC6Pbl3UVaz0lm:JSqjc3HsTaxoqWl+jIEPC6DRXz0Q
Static task
static1
Behavioral task
behavioral1
Sample
1a8aa62af9b15a08d02d77923c2fce81_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
1a8aa62af9b15a08d02d77923c2fce81_JaffaCakes118
-
Modifies firewall policy service
-
Loads dropped DLL
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1