General
Target: 0dd32f1c5299e1c4c6f918f8216029f1_JaffaCakes118
Size: 132KB
Sample: 240625-m5srbsyfkq
MD5: 0dd32f1c5299e1c4c6f918f8216029f1
SHA1: 843ee043c9f0341d979dfe2fac8599ab26a4a59e
SHA256: 9c2f0dd64083c6a5d97207abff22af6012235a8165d898d223ad603866f5476f
SHA512: 6541f5b4c4eedb47aaab3056791dce325b32e1b78585efe612a22fdd98eb382a699172595cef98eb335bd751e32a27c83b3ffc339304287e3468455282bb7a5b
SSDEEP: 3072:3zimf2jBBvl5QQtEoR3k78euysmOgc9uIw2K0xQLmIV:Omf2zeoou3mOZ9uIbQDV
Static task: static1
Behavioral task: behavioral1
Sample: 0dd32f1c5299e1c4c6f918f8216029f1_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0dd32f1c5299e1c4c6f918f8216029f1_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)