General

  • Target

    0b398b23ff436285b3d550d022271312_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240501-gtpyeahf5x

  • MD5

    0b398b23ff436285b3d550d022271312

  • SHA1

    cfcffd5261f4269373a27632111d23adf47c72e5

  • SHA256

    e0607be4ed9ecc8851304eb1a0ef6c8db5efb4656432650f8422f4b33863e9ba

  • SHA512

    6906e60c7978ec583feb8bf6b166d994cc05e5f5bdf782fa6066fd840478f70d1e55339c31ffdcd1194e13bd8fca293f239ac18dbb1ee9f182dec641f25d069c

  • SSDEEP

    786432:Akxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHo:Asdqqez9H7wWPRt3f3bXo1wN6

Targets

    • Target

      0b398b23ff436285b3d550d022271312_JaffaCakes118

    • Modifies firewall policy service

      Writes to the firewall policy configuration kept under the SharedAccess service key (HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy).

    • Adds Run key to start application

      Creates a value under a Run registry key (HKCU or HKLM \Software\Microsoft\Windows\CurrentVersion\Run) so the program is launched again at user logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer and are loaded into every IE process; they are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry (HKCU\Control Panel\International\Geo\Nation), most likely to geofence execution by the victim's locale.
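The registry-based signatures above (Run-key persistence, BHO installation, firewall policy changes, country-code lookup) can be reproduced from registry telemetry with a small rule set. The following is an added example, not the sandbox's own detection code: the event format, the op names "SetValue"/"QueryValue", the field names and the sample events are all constructed for illustration. Drive enumeration and the "Modifies Windows Firewall" signature need file-system and process telemetry and are not covered here.

```python
"""Classify registry telemetry into the behaviour signatures listed in
this report.  Event format, field names and the sample events below are
constructed for the example; they are not the sandbox's own output."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class RegEvent:
    op: str          # assumed telemetry op names: "SetValue" or "QueryValue"
    key: str         # full key path in any common hive spelling
    value: str = ""  # value name, empty when the event is on the key itself


def normalise_key(key: str) -> str:
    """Canonicalise hive prefixes and drop the Wow6432Node redirection so
    HKLM\\..., HKEY_LOCAL_MACHINE\\... and \\REGISTRY\\MACHINE\\... compare equal."""
    k = key.strip("\\")
    k = re.sub(r"^(HKEY_LOCAL_MACHINE|REGISTRY\\MACHINE)(?=\\|$)", "HKLM", k, flags=re.I)
    k = re.sub(r"^(HKEY_CURRENT_USER|REGISTRY\\USER\\S-1-5-21-[\d-]+)(?=\\|$)", "HKCU", k, flags=re.I)
    k = re.sub(r"\\Wow6432Node(?=\\)", "", k, flags=re.I)
    return k


# (signature name, required op, key regex, value-name regex or None)
RULES = [
    ("Adds Run key to start application", "SetValue",
     r"^HK(LM|CU)\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)$", None),
    ("Installs/modifies Browser Helper Object", "SetValue",
     r"^HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\\{[0-9A-F-]{36}\}$", None),
    ("Modifies firewall policy service", "SetValue",
     r"^HKLM\\System\\(CurrentControlSet|ControlSet\d{3})\\Services\\SharedAccess\\Parameters\\FirewallPolicy(\\|$)", None),
    ("Checks computer location settings", "QueryValue",
     r"^HKCU\\Control Panel\\International\\Geo$", r"Nation"),
]


def classify(ev: RegEvent) -> Optional[str]:
    """Return the first signature an event satisfies, or None.
    The op must match too: merely reading a Run key is not persistence."""
    key = normalise_key(ev.key)
    for name, op, key_re, value_re in RULES:
        if ev.op != op or not re.search(key_re, key, re.I):
            continue
        if value_re and not re.fullmatch(value_re, ev.value, re.I):
            continue
        return name
    return None


def triage(events: List[RegEvent]) -> Dict[str, List[str]]:
    """Map each fired signature to the normalised keys that triggered it."""
    hits: Dict[str, List[str]] = {}
    for ev in events:
        sig = classify(ev)
        if sig:
            hits.setdefault(sig, []).append(normalise_key(ev.key))
    return hits


SAMPLE_EVENTS = [  # constructed for the example, not captured from the sample
    RegEvent("SetValue", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "Updater"),
    RegEvent("SetValue", r"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}", "NoExplorer"),
    RegEvent("SetValue", r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile", "EnableFirewall"),
    RegEvent("QueryValue", r"\REGISTRY\USER\S-1-5-21-1-2-3-1001\Control Panel\International\Geo", "Nation"),
    RegEvent("QueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Updater"),  # read only: not persistence
    RegEvent("SetValue", r"HKCU\Software\Vendor\App", "Theme"),  # benign write
]

if __name__ == "__main__":
    for sig, keys in triage(SAMPLE_EVENTS).items():
        print(sig)
        for k in keys:
            print("   ", k)
```

The hive normalisation matters in practice: kernel-level telemetry reports \REGISTRY\MACHINE and \REGISTRY\USER\<SID> paths, 32-bit processes on 64-bit Windows write through Wow6432Node, and a rule keyed on the HKLM\ spelling alone would miss both.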

MITRE ATT&CK Enterprise v15

Tasks