General

  • Target

    0d36fa5e6d250081dabd5f2771e0cfef_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240502-csgs7aed2y

  • MD5

    0d36fa5e6d250081dabd5f2771e0cfef

  • SHA1

    e936c7220afde961602c3fe23333ebfc98f740c4

  • SHA256

    d50eef830a1b196a1ef11fbd773409c70edfeb8edc5f8e0452c1e503c57239a9

  • SHA512

    d8259c5f320218cf5a3b4333772098a460c9362d120aebbeb52994995fa54ecfd195492e4c86b2283348bcb030c657e87a455bd9c51a5c85425233cc3d78407e

  • SSDEEP

    786432:Okxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHn:Osdqqez9H7wWPRt3f3bXo1wN5

Malware Config

Targets

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15