General
-
Target
0b4ff0de3919a61ec83c4271f4c2c56f_JaffaCakes118
-
Size
462KB
-
Sample
240501-hmk7baac9v
-
MD5
0b4ff0de3919a61ec83c4271f4c2c56f
-
SHA1
770b84628269c6c75ab4ab29ae1d337538b46289
-
SHA256
6d3a0281e6c8f67b1bd9e51807b3acfcaa221d0cfbaee476117b1bf3b2c73c53
-
SHA512
d5c2fa8830ffabe23c1786805366a5c1961776cc47de849169455ae074ff8510ee56f29d4a93c87354ee362f2d68f346ed57bd2f3ff3f008816231966fbdc66f
-
SSDEEP
12288:9crNS33L10QdrXP/X+tGfnbtAang35kGbXY0v7zd:ANA3R5drXPrfbCangpvXY0vl
Static task
static1
Behavioral task
behavioral1
Sample
0b4ff0de3919a61ec83c4271f4c2c56f_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0b4ff0de3919a61ec83c4271f4c2c56f_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
0b4ff0de3919a61ec83c4271f4c2c56f_JaffaCakes118
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1