General

  • Target

    715c01ef18964abf5b9e8d97fa92eaf5_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240525-j5rx9abd2w

  • MD5

    715c01ef18964abf5b9e8d97fa92eaf5

  • SHA1

    eed15cbfcad916bff40dd03783e0507918985990

  • SHA256

    7aba7c1cacbc3e4f24b7389ec13f54da5a56420905f4d5f82aaa6d999b6aef4f

  • SHA512

    2f45f5d66ec124fff8362e2e3ea00ad68d51440f63360ef19ade846ad3ae55c91069bf0b7b5ed1031b85b8fb06a5a13be0d75e0581ece53f50884bb082700a2f

  • SSDEEP

    786432:/kxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHU:/sdqqez9H7wWPRt3f3bXo1wNq

Malware Config

Targets

    • Target

      715c01ef18964abf5b9e8d97fa92eaf5_JaffaCakes118

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks