General
-
Target
10712006598e8800ca7d721355bd70c1_JaffaCakes118
-
Size
90KB
-
Sample
240626-c3twhasfmp
-
MD5
10712006598e8800ca7d721355bd70c1
-
SHA1
0e34f6298f81eca938c549761ee0920de20f074c
-
SHA256
4cc5e41fb264e21dd5f3d221118c06a7a0d886a4dcf9d0d8de0dec4124b3792b
-
SHA512
e1a803c22622a52f7d838282aa2298165b61eb4c6d3171c71b4af7263e5b9e03c213a1f457c3029bf5478d3fb19aeb6a0d8c65e728c145d51a0528527c3b1454
-
SSDEEP
1536:ccG6y0zKSHJCeb8H5FEEE6pyZO6icWGze/iJcKQj1y46hajHE4RfsE19PXQbNrN3:cTxSHJCegH1E6E86iXGq/7K5WHElE19a
Static task
static1
Behavioral task
behavioral1
Sample
10712006598e8800ca7d721355bd70c1_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
10712006598e8800ca7d721355bd70c1_JaffaCakes118
-
Size
90KB
-
MD5
10712006598e8800ca7d721355bd70c1
-
SHA1
0e34f6298f81eca938c549761ee0920de20f074c
-
SHA256
4cc5e41fb264e21dd5f3d221118c06a7a0d886a4dcf9d0d8de0dec4124b3792b
-
SHA512
e1a803c22622a52f7d838282aa2298165b61eb4c6d3171c71b4af7263e5b9e03c213a1f457c3029bf5478d3fb19aeb6a0d8c65e728c145d51a0528527c3b1454
-
SSDEEP
1536:ccG6y0zKSHJCeb8H5FEEE6pyZO6icWGze/iJcKQj1y46hajHE4RfsE19PXQbNrN3:cTxSHJCegH1E6E86iXGq/7K5WHElE19a
-
Modifies firewall policy service
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1