General
-
Target
0dc2297a95541712a366874006cd4169_JaffaCakes118
-
Size
172KB
-
Sample
240625-mpaktaxfrq
-
MD5
0dc2297a95541712a366874006cd4169
-
SHA1
dffaf7c64163b33dcef213eb018e41e57c1eba0e
-
SHA256
e62b9dbe692daccb617504ced6c110ba5babd6cf3c3283ef240d8f2c8d18a94d
-
SHA512
defd40a2893523703a0bbbc080692243ec80f9f3240801b674913c26578474a5b0aa5e6e4ddb4525959a71f2a9235991609fc28417ff106dd971be2f71c68411
-
SSDEEP
3072:0TJCD548iJ/SDADeak7dJHB/AdGu8hnDxNzhr/4tt3oQypSV5wDficx8:0MGSsQLH5AdxoDnly3oQ21D6cx8
Static task
static1
Behavioral task
behavioral1
Sample
0dc2297a95541712a366874006cd4169_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0dc2297a95541712a366874006cd4169_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
0dc2297a95541712a366874006cd4169_JaffaCakes118
-
Size
172KB
-
MD5
0dc2297a95541712a366874006cd4169
-
SHA1
dffaf7c64163b33dcef213eb018e41e57c1eba0e
-
SHA256
e62b9dbe692daccb617504ced6c110ba5babd6cf3c3283ef240d8f2c8d18a94d
-
SHA512
defd40a2893523703a0bbbc080692243ec80f9f3240801b674913c26578474a5b0aa5e6e4ddb4525959a71f2a9235991609fc28417ff106dd971be2f71c68411
-
SSDEEP
3072:0TJCD548iJ/SDADeak7dJHB/AdGu8hnDxNzhr/4tt3oQypSV5wDficx8:0MGSsQLH5AdxoDnly3oQ21D6cx8
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1