General
Target
ad53e7ba18c2bfb5d2c7acb195e61e60_JaffaCakes118
Size
6.5MB
Sample
240615-jalsrascne
MD5
ad53e7ba18c2bfb5d2c7acb195e61e60
SHA1
682fc2898c84fbd881baff6bbc69105ee238bec3
SHA256
8cc621b5e81d290117806743bff1f079ffd824f5da030c01e1f63e6476e7588f
SHA512
e132ef8f4eb0e02a2dff4d03c8245c80602d5fe0da17a694d1cc2f5cadbc78de4c16ea57fb5b2a5a5aacdaad22c11bb38d0670e05319db97bf6ada97faf33b30
SSDEEP
98304:a7ZnlfoH4jA7LUVZnRbvM/Q0z5vOgsPGG8YPrCLkk9aKiqLZ/4u16kILShM4PqPW:ylgY07EnRbE/7NvOF9NPrgosAYLhtm7
Static task
static1
Behavioral task
behavioral1
Sample
ad53e7ba18c2bfb5d2c7acb195e61e60_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ad53e7ba18c2bfb5d2c7acb195e61e60_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
ad53e7ba18c2bfb5d2c7acb195e61e60_JaffaCakes118
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)