General
-
Target
13f2769975c7c3a834ad2f98de5fd2ed_JaffaCakes118
-
Size
623KB
-
Sample
240701-jf6ecasgml
-
MD5
13f2769975c7c3a834ad2f98de5fd2ed
-
SHA1
e453b159c317d6ce1300e9005902d5a145d650c0
-
SHA256
176bebd01ef9664ac2087c283261ce4475525986cb2a24ec0d32748a012fbc3d
-
SHA512
c88956a8e1c815a40658fcf3a9fa8552423dc3dc9fcacd7e7196b76c5057f298a8a5b7b185c786f980cdbc29e39b95c42d527e63cf23d6c7d81f9aee17a309c8
-
SSDEEP
12288:Ezs1pt4r/mPjMef1RpdCCdwe2lKowW+wG3Q/U52ioR52NiJ:Ew1QrOjDwe2CyiT85q0
Static task
static1
Behavioral task
behavioral1
Sample
13f2769975c7c3a834ad2f98de5fd2ed_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
13f2769975c7c3a834ad2f98de5fd2ed_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
13f2769975c7c3a834ad2f98de5fd2ed_JaffaCakes118
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1