General

  • Target

    0b096b0eaa709783fc41eb0229ed360c_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240501-epf4lahe75

  • MD5

    0b096b0eaa709783fc41eb0229ed360c

  • SHA1

    b6b4d7b03bf954c5d69bfa802e10b433bb823469

  • SHA256

    77af8ecaea739d57af18cafc42cf6cc727035f9287c333bbf38e183971dfebef

  • SHA512

    5637c7dc88efbaf26a2cda6560ed8fba075c4f1fe440fc8613d05d274f0de614683e8bf5d0a0ea240ada8d33914245b8665eefb6b900011916c5d3531829ad1f

  • SSDEEP

    786432:lkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHz:lsdqqez9H7wWPRt3f3bXo1wNR

Malware Config

Targets

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks