General
-
Target
1b62de7f5f9bbf06eb40e9f76ab2fbdf_JaffaCakes118
-
Size
229KB
-
Sample
240701-p68v2swenn
-
MD5
1b62de7f5f9bbf06eb40e9f76ab2fbdf
-
SHA1
d5bd0c97c7343057730ddb48b9ecd6e68e08bf47
-
SHA256
d427c7e5787679e60b9a941c1da08a9d4d24230001f072ec39f7fd5ad8c18e96
-
SHA512
3cb116575f2293ac24081e48c222baecdf0e6b004b6ea6c9827221de795970782b2ac837074e6be11e80d1e08c9e86576f5e2800c624f9c278d9347973443163
-
SSDEEP
3072:iq60E/DS+/Yws6o43qhRGa6QWXprsWS8PhzdEQ7IfZHLQtAcBWGAbdO9m:un/YwzoB2WmprsWtPhzOdSBWlbym
Static task
static1
Behavioral task
behavioral1
Sample
1b62de7f5f9bbf06eb40e9f76ab2fbdf_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
1b62de7f5f9bbf06eb40e9f76ab2fbdf_JaffaCakes118
-
Modifies visibility of file extensions in Explorer
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (3)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (1)
    Disable or Modify Tools (1)