General
-
Target
fb855f990c9d0bbb6b344686ff133ae8_JaffaCakes118
-
Size
312KB
-
Sample
240420-aw9l9sce3t
-
MD5
fb855f990c9d0bbb6b344686ff133ae8
-
SHA1
6cd1c7480d59466b5ad748c951b450cfab419a4a
-
SHA256
eec1b7920c6077967531e3c86b5092a609e3c678290fa532995a921962aa94fe
-
SHA512
75203e815e471eff64da20675819f3f800ef0a82e624a67dc3940bb85e338d83fd86d93608b806ba5753e53c7c488cbe488796b4ce7aa39266527a269f6f3035
-
SSDEEP
6144:5ioQFl9LBX+qglbe8r7Fg9UIox0O5TzrXjZq/:5ioYJX+BVFe/cTzbj
Static task
static1
Behavioral task
behavioral1
Sample
fb855f990c9d0bbb6b344686ff133ae8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fb855f990c9d0bbb6b344686ff133ae8_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
fb855f990c9d0bbb6b344686ff133ae8_JaffaCakes118
-
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1