General
Target: 110ba3e32af6dfe5c76196ff4c630758_JaffaCakes118
Size: 3.2MB
Sample: 240626-hbjjcatajm
MD5: 110ba3e32af6dfe5c76196ff4c630758
SHA1: 0dea015ad33e3714870861738e45a717d086c3c2
SHA256: a04a0c20add53d26d80ea85afad28cc9182b008e7186560a2cc31b7895406c57
SHA512: 5e612e6655eb62d66f1089b0f075f58b569c6cb3b2227b412720c4577be9b28088baadead3557dd06f513f945a409a6442e68c9f8534485c56d1752b73a57f20
SSDEEP: 49152:x+rlFhVyI0o1M/bhYjhaPqppE0FOjPIrhfs9qdUv+FjrQzCBx1yrZO+OU:yhVyI0oShuaPyE0FOPHEdU2JQzE1G3j
Static task
static1
Behavioral task
behavioral1
Sample
110ba3e32af6dfe5c76196ff4c630758_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
110ba3e32af6dfe5c76196ff4c630758_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
110ba3e32af6dfe5c76196ff4c630758_JaffaCakes118
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)