General
Target: a2f3940682dc120a0fb1119c1ed52767_JaffaCakes118
Size: 280KB
Sample: 240817-r3hwkatfll
MD5: a2f3940682dc120a0fb1119c1ed52767
SHA1: 8754d2c0fdc28553bdee6e77dfd37e74c9304e7a
SHA256: 19a981c49024e4bc5ec2496e53ac074ed3baf7bb24dde5421859b375ac1b8e2c
SHA512: 27e17afa4dd65b7b679df879631ad9444534191fa17b4985cc956dd6baf492e59fa958809b03ca471e4f523e10fc4a95fb80725344bfad07b604e35394670bcb
SSDEEP: 6144:2aCHQiRgkktkhvgyFvatu6REsyzBaM577vWremDhU:FCwkgkktkhI8yY6Ral7FmDe
Static task: static1
Behavioral task: behavioral1
Sample: a2f3940682dc120a0fb1119c1ed52767_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a2f3940682dc120a0fb1119c1ed52767_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
njrat
0.7d
byuac
queda2122.ddns.net:90
39e10978c4093d381ef3d982b00559c2
reg_key: 39e10978c4093d381ef3d982b00559c2
splitter: |'|'|
Targets
Target: a2f3940682dc120a0fb1119c1ed52767_JaffaCakes118
Modifies Windows Firewall
Executes dropped EXE
Loads dropped DLL
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Netsh Helper DLL: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Netsh Helper DLL: 1