General
Target: 0ac4a79a6a1ec9a3fb5fdb83ca91b58e_JaffaCakes118
Size: 39.4MB
Sample: 240501-a92tksdg26
MD5: 0ac4a79a6a1ec9a3fb5fdb83ca91b58e
SHA1: 8ec2b42a6ef0cee42f5b98f5b3dfc9076d78e9ca
SHA256: c878a76903853df05de8ba5c545353749a060b90cbf410ee524bc1b16ee8218b
SHA512: 4c4658eeca3d8fdc99f35d78bc5943db060d2d7eb4f29e689ed99e407365f78e8ee6ae3e57db8ff17d17fd562d9888d1134aa47784973e4279ae8d5bd4219572
SSDEEP: 786432:fkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHY:fsdqqez9H7wWPRt3f3bXo1wNa
Static task: static1
Behavioral task: behavioral1
  Sample: 0ac4a79a6a1ec9a3fb5fdb83ca91b58e_JaffaCakes118.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 0ac4a79a6a1ec9a3fb5fdb83ca91b58e_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 0ac4a79a6a1ec9a3fb5fdb83ca91b58e_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Modifies Windows Firewall
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Browser Extensions: 1
  Create or Modify System Process: 2
    Windows Service: 2
Privilege Escalation
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Create or Modify System Process: 2
    Windows Service: 2
Defense Evasion
  Impair Defenses: 1
    Disable or Modify System Firewall: 1
  Modify Registry: 5
  Subvert Trust Controls: 1
    Install Root Certificate: 1