General
Target: 0e77eae190339819f08bff82ddb13cea_JaffaCakes118
Size: 39.4MB
Sample: 240502-peh6baag53
MD5: 0e77eae190339819f08bff82ddb13cea
SHA1: a618273e02dc349f4fd9e6fe68fdf561249c0518
SHA256: 402f2c2be0c6f024250089dada02d5a09c6b8eaa3ae348816d579d2c9a3f18f4
SHA512: a05047f3d820ee2c4dca20510578ecf7af90a6722fe181ef174b147f1aebee2dc533878de54eeff3309d35a91ba57848cf0681720eaf207ab9e98c8b49b94235
SSDEEP: 786432:Tkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHs:Tsdqqez9H7wWPRt3f3bXo1wNO
Static task: static1
Behavioral task: behavioral1
  Sample: 0e77eae190339819f08bff82ddb13cea_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 0e77eae190339819f08bff82ddb13cea_JaffaCakes118.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 0e77eae190339819f08bff82ddb13cea_JaffaCakes118
Score: 10/10
Modifies firewall policy service
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Modifies Windows Firewall
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Browser Extensions: 1
  Create or Modify System Process: 2
    Windows Service: 2
Privilege Escalation
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
  Create or Modify System Process: 2
    Windows Service: 2
Defense Evasion
  Impair Defenses: 1
    Disable or Modify System Firewall: 1
  Modify Registry: 5
  Subvert Trust Controls: 1
    Install Root Certificate: 1