General
Target: 112a2f60166d02ae5fd3c1083ceeaec3_JaffaCakes118
Size: 211KB
Sample: 240626-h64srsvfkl
MD5: 112a2f60166d02ae5fd3c1083ceeaec3
SHA1: 6f0c26285c0aec3e3c75d540096eb0795ece223e
SHA256: 06f78739df5f81f05eaf0516d2bd184938f220bfb69b9306d227073856a156f7
SHA512: a2a596b658f48e77c4bafc720742ff8c79ed29cca93213d977ed52025fdfd622ceef675e4b84714af80664d64e5b84a1d37d63457ce6b236ed36710d0c89e1f2
SSDEEP: 3072:8yK7YU+s7dScGdolnUbNeZI+qCfZY11XavjLf+s/F5tDyMRqdfBFc6x05U9PJtUR:8HP7/GdouNeZrrfWCLCutr6x0wW4Iyo
Static task: static1
Behavioral task: behavioral1
Sample: 112a2f60166d02ae5fd3c1083ceeaec3_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 112a2f60166d02ae5fd3c1083ceeaec3_JaffaCakes118
Modifies firewall policy service
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1