General

  • Target

    67717f76f76dbbe239236765e19d85b8_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240522-qw89hadd5z

  • MD5

    67717f76f76dbbe239236765e19d85b8

  • SHA1

    e9222fa3cb1ffce14fe092c8fc25556de92d683b

  • SHA256

    4a4eb18a9ded4da7fb2b586c5faf1ca074db2416cfaa1d03fa8d6b0524e5e50b

  • SHA512

    16c92d0cb7f45810116adec55799d70fcc84be7c0ab8d6262d3c1dfba9da30a1d32ebf96dfb35796af4760cb1eab1a4300ac1f06de50e7a6479f05b4fc30e6a3

  • SSDEEP

    786432:ykxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVH0:ysdqqez9H7wWPRt3f3bXo1wN2

Malware Config

Targets

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks