General
Target
1bc2e0c7d638062f59c71fa41a026bf8_JaffaCakes118
Size
120KB
Sample
240701-vcpg7ssgmk
MD5
1bc2e0c7d638062f59c71fa41a026bf8
SHA1
b026c78edd78f8c0d02a52b7fc6fda0a8b36b40b
SHA256
b4238f3cab7630b8fd43f2f2685e4760202b6dff2a7a74d1716edb7095e05b41
SHA512
8b98abffba8385384d87850af56f2f8ed4d1130ab6707ab8237113eb64bdc21521cac44bb1252ff1b1fc91fc86609822e489bee0c06d4679957f648b07043396
SSDEEP
3072:qeNMFfuAwjh2oDM6oW5qqr4fab8/c8s6yFwJT0:6ZwYdqlr4fabn8sR
Static task
static1
Behavioral task
behavioral1
Sample
1bc2e0c7d638062f59c71fa41a026bf8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1bc2e0c7d638062f59c71fa41a026bf8_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
1bc2e0c7d638062f59c71fa41a026bf8_JaffaCakes118
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (1)
  Windows Service (1)
Event Triggered Execution (1)
  Netsh Helper DLL (1)
Privilege Escalation
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)
Create or Modify System Process (1)
  Windows Service (1)
Event Triggered Execution (1)
  Netsh Helper DLL (1)