General
Target: 10bb505836bc133381a95266a49d5996_JaffaCakes118
Size: 189KB
Sample: 240626-e6t2savfpd
MD5: 10bb505836bc133381a95266a49d5996
SHA1: c2a7daac74c2161673584eb0e2e159cbd6a625d1
SHA256: 21ea4241a21a847fac301ebf56d267b1af23f7f0421aac5e50e0f96f2bda4c89
SHA512: 583f171a1c590be4787ff8e7e44c5e7aa342b6923b13982067776d0d7bf522dd77b3634fac03c5c87d19f0c2129cd2c9ad91eb4cae6db762370d082dee217283
SSDEEP: 3072:5J2sagiMkRPMfqkjl4jJ4aZ2fs2lhPOGgaV6u1rToUBv7Iufg:5os/iMkRPMSkc2ksHb6qnXfg
Static task: static1
Behavioral task: behavioral1
Sample: 10bb505836bc133381a95266a49d5996_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
sality
Targets
Modifies firewall policy service
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1