General
Target: 366052d194e4c44cf95e113c89058a71_JaffaCakes118
Size: 168KB
Sample: 240710-zw5ezszdqm
MD5: 366052d194e4c44cf95e113c89058a71
SHA1: 544e93506dfc1feff1f1e3ee0b064d2e74cfc304
SHA256: 34a3984bfaf6bbec8a37ff99a026dc51ba77ab65585867adf685e796fd633fe0
SHA512: 8b0bf20715dc2a55752506cbc3b51d7b83c34de7a21c52cfb97d8ebd359a3787ecb5d285aee0309954e2396824bebf345ee088e4a7678e787a9976fc85757c6a
SSDEEP: 3072:u8NQKPWDyuReaJltZrpRnvuR5jsxEn8w0MgnrOrcoyo:BNSDyuRvthpUn8LCra
Static task: static1
Behavioral task: behavioral1
Sample: 366052d194e4c44cf95e113c89058a71_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 366052d194e4c44cf95e113c89058a71_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 366052d194e4c44cf95e113c89058a71_JaffaCakes118
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Windows Firewall
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Netsh Helper DLL: 1
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Netsh Helper DLL: 1