General

  • Target

    0481efedf1a2ff19d810a619093d7f94_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240428-gj3rhshf6v

  • MD5

    0481efedf1a2ff19d810a619093d7f94

  • SHA1

    181eaec26ea11e50f5c93c5d7dcf55d94c28fcaf

  • SHA256

    5822163026940ee169f3899a570271e38b2f46e6b91534b0deef2e0b6accf169

  • SHA512

    ad48a138d5098838dbd25ec9c1f8c92d340b5287c9d6a17c454b9796af1495deb69186d2fcdc051e9d09a0f0f7ca1a59b373fbb80e4d440835063fd2545ea1f5

  • SSDEEP

    786432:Bkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHA:Bsdqqez9H7wWPRt3f3bXo1wNG

Malware Config

Targets

    • Target

      0481efedf1a2ff19d810a619093d7f94_JaffaCakes118

    • Size

      39.4MB

    • MD5

      0481efedf1a2ff19d810a619093d7f94

    • SHA1

      181eaec26ea11e50f5c93c5d7dcf55d94c28fcaf

    • SHA256

      5822163026940ee169f3899a570271e38b2f46e6b91534b0deef2e0b6accf169

    • SHA512

      ad48a138d5098838dbd25ec9c1f8c92d340b5287c9d6a17c454b9796af1495deb69186d2fcdc051e9d09a0f0f7ca1a59b373fbb80e4d440835063fd2545ea1f5

    • SSDEEP

      786432:Bkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHA:Bsdqqez9H7wWPRt3f3bXo1wNG

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks