General
-
Target
04b21b8763f3bc4ea2b395a13078ff87_JaffaCakes118
-
Size
39.4MB
-
Sample
240428-jjc7zabc3w
-
MD5
04b21b8763f3bc4ea2b395a13078ff87
-
SHA1
11da815d06e4b7fd855b4647e048424eac1ad5da
-
SHA256
22795204fb8c5ab18cf452e6a723163c029d5b416870348254d45dedb6d1ec82
-
SHA512
08a100c63f18e7e569cf63b7d13d61c31064f59a6d5529bb327b1f81fe8bf20a5e337af0921df0466ee244541df58075a2fa1d93d2be719f866492cdf82077f1
-
SSDEEP
786432:/kxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHQ:/sdqqez9H7wWPRt3f3bXo1wNC
Static task
static1
Behavioral task
behavioral1
Sample
04b21b8763f3bc4ea2b395a13078ff87_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
04b21b8763f3bc4ea2b395a13078ff87_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
04b21b8763f3bc4ea2b395a13078ff87_JaffaCakes118
-
Score
10/10
-
Modifies firewall policy service
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Browser Extensions: 1
  Create or Modify System Process: 2
    Windows Service: 2
Privilege Escalation
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Create or Modify System Process: 2
    Windows Service: 2
Defense Evasion
  Impair Defenses: 1
    Disable or Modify System Firewall: 1
  Modify Registry: 5
  Subvert Trust Controls: 1
    Install Root Certificate: 1