General
-
Target
106bb4a70057c07a934c8063c322c161_JaffaCakes118
-
Size
289KB
-
Sample
240626-cywjjasdjn
-
MD5
106bb4a70057c07a934c8063c322c161
-
SHA1
7a33efd95bc9f5417843accb26ad99de508eadec
-
SHA256
18e83d70c877480265ffb69246dba9e9862a3042abda81ec40675771ff2a701c
-
SHA512
06bdcc3562018d9469ac194b55bffcb94ead0772875db7f58e41239aeb41e68261cf8be884a0bfdd546be860c3f2c7f05aa8748b58732cc1f6555df81ae432a2
-
SSDEEP
3072:oD2hT7lKbtfldRMtyyYyOTxsr4jOSGUCwyJItdwED41Y4DW5613o:oDe7lKbFlMg/yO9jzXCw9i1Y15614
Static task
static1
Behavioral task
behavioral1
Sample
106bb4a70057c07a934c8063c322c161_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
106bb4a70057c07a934c8063c322c161_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
106bb4a70057c07a934c8063c322c161_JaffaCakes118
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)