General
-
Target
10478a081666ef2da73804251803f80b_JaffaCakes118
-
Size
1.8MB
-
Sample
240626-b1mhzazbqp
-
MD5
10478a081666ef2da73804251803f80b
-
SHA1
e2c73f23ec0360c0ca4f03838fda326cc04ad5f2
-
SHA256
2cf9bc4cd3b64301287a0009ec5f1fe18aa52ff8b05450abaf0754abe70298fc
-
SHA512
094b64a36b702d2f2f7857a18b8c3ebb2d460d6eb181761c5ef458a65f37d64577c9cb1114e6861288e8366f5ab43cfd2009aeb3c02ed9f318451328bc95b691
-
SSDEEP
49152:lpARrWSyAVAhMv4D9m2DuW7zEdhj4XsN/Flcjx:lpARrWkVAc4JmA7zEdhj4XsN/Flcjx
Static task
static1
Behavioral task
behavioral1
Sample
10478a081666ef2da73804251803f80b_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
10478a081666ef2da73804251803f80b_JaffaCakes118
Modifies firewall policy service
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)