General
Target
1b63422ccd174aff623434ea5f48ca50_JaffaCakes118
Size
176KB
Sample
240701-p7h11swepn
MD5
1b63422ccd174aff623434ea5f48ca50
SHA1
aeb1a88a0d1fe7b334ea2dcedaeb506bcbd80303
SHA256
d0ebb9d6f8d5def77d282d7709b3c56f930a2bedb680c82e7bd395cb3d08aa79
SHA512
e656d693c642efa8c272f516445100e01e147471da5cf586fd14400059170c6b36d27ff1546751378512aae9cc52955296b308537083b53535218b40fa8bc39d
SSDEEP
3072:kkVD1BSqao9c3HwsanTdgyOxsP+f+y+bH8yiNJvg+2pNwj1UIr9q3cbijvbPTcq:xSqjc3HsTaxoqzRr2UBDKrcq
Static task
static1
Behavioral task
behavioral1
Sample
1b63422ccd174aff623434ea5f48ca50_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
Target
1b63422ccd174aff623434ea5f48ca50_JaffaCakes118
Modifies firewall policy service
Loads dropped DLL
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)