General
Target: 1b1aa5980c22310420eb7c428c93e759_JaffaCakes118
Size: 112KB
Sample: 240701-ngnyxaydqe
MD5: 1b1aa5980c22310420eb7c428c93e759
SHA1: d29978b2bedaf00908649387c9f546636573b3ad
SHA256: 2bd0d5010a698cb6c58e11a2635fa9885aea3d3915f66b7026b4b6fdd83820a2
SHA512: 086a675028c456d7a89c117c8e053df15a0ee50b160fd19b4420a32ae375b5dc3fbedbb22b0edcda92ff1098662658248e7877a0c4291da628abb07f0ef2735e
SSDEEP: 3072:0GJ6VVLD41UXhXpYuc8IJodk+GOi18N96Tde2pArf:QDXUu7xHi18N8Nez
Static task: static1
Behavioral task: behavioral1
  Sample: 1b1aa5980c22310420eb7c428c93e759_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 1b1aa5980c22310420eb7c428c93e759_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 1b1aa5980c22310420eb7c428c93e759_JaffaCakes118
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Create or Modify System Process: 1
  Windows Service: 1
  Event Triggered Execution: 1
  Netsh Helper DLL: 1
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Create or Modify System Process: 1
  Windows Service: 1
  Event Triggered Execution: 1
  Netsh Helper DLL: 1