General

  • Target

    0e77eae190339819f08bff82ddb13cea_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240502-peh6baag53

  • MD5

    0e77eae190339819f08bff82ddb13cea

  • SHA1

    a618273e02dc349f4fd9e6fe68fdf561249c0518

  • SHA256

    402f2c2be0c6f024250089dada02d5a09c6b8eaa3ae348816d579d2c9a3f18f4

  • SHA512

    a05047f3d820ee2c4dca20510578ecf7af90a6722fe181ef174b147f1aebee2dc533878de54eeff3309d35a91ba57848cf0681720eaf207ab9e98c8b49b94235

  • SSDEEP

    786432:Tkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHs:Tsdqqez9H7wWPRt3f3bXo1wNO

Malware Config

Targets

    • Target

      0e77eae190339819f08bff82ddb13cea_JaffaCakes118

    • Size

      39.4MB

    • MD5

      0e77eae190339819f08bff82ddb13cea

    • SHA1

      a618273e02dc349f4fd9e6fe68fdf561249c0518

    • SHA256

      402f2c2be0c6f024250089dada02d5a09c6b8eaa3ae348816d579d2c9a3f18f4

    • SHA512

      a05047f3d820ee2c4dca20510578ecf7af90a6722fe181ef174b147f1aebee2dc533878de54eeff3309d35a91ba57848cf0681720eaf207ab9e98c8b49b94235

    • SSDEEP

      786432:Tkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHs:Tsdqqez9H7wWPRt3f3bXo1wNO

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks