General

  • Target

    72d9bdeb217cc06eca8c7a2221b04d9e_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240525-w1e44sdd2t

  • MD5

    72d9bdeb217cc06eca8c7a2221b04d9e

  • SHA1

    dddcb5a04f7b5334f5f8feee48c667c9ff181fb6

  • SHA256

    b5db22575f90f56c19648a36b3f0a9ac3be9759e74cdf57b97108f74c5df8b59

  • SHA512

    0c04ed53025e5e7acb14e79013e475a20739283d2fe097b8b85e0e83beb2ce57eac00a272f596a1b517f503461d77dd53789fd72aeebbfd942cd21cfbcd6ee69

  • SSDEEP

    786432:pkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHm:psdqqez9H7wWPRt3f3bXo1wN8

Targets

    • Target

      72d9bdeb217cc06eca8c7a2221b04d9e_JaffaCakes118

    • Modifies firewall policy service

    • Drops startup file

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root directory of fixed drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins; registering one gives the sample code execution inside the browser every time it starts.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence to decide whether to run on this system.
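A detection-side counterpart to the signature list above, added here as an example and not part of the sandbox report. It runs simple rules over constructed Sysmon-style events (EventID 11 FileCreate, 12 registry key create/delete, 13 registry value set) for the behaviours the report flags: a Run key, a Browser Helper Object CLSID, a write under the Windows Firewall service/policy keys, and a file dropped into a Startup folder. The registry and folder paths are the standard Windows locations for each behaviour; the sample event values (SID, CLSID, file names, process image) are invented, and the mapping of the sandbox's signature names to those paths is an assumption, since the report does not state which keys it matched on. Registry reads (the country-code lookup) and drive-root enumeration produce no Sysmon events, so they are not covered here.

```python
import re
from collections import defaultdict

# Constructed Sysmon-style events (illustrative, not taken from the report).
# EventID 11 = FileCreate, 12 = registry key create/delete, 13 = registry value set.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": "C:\\Users\\victim\\Desktop\\sample.exe",
     "TargetObject": "HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\WinUpdater",
     "Details": "C:\\Users\\victim\\AppData\\Roaming\\svchost.exe"},
    {"EventID": 12, "Image": "C:\\Users\\victim\\Desktop\\sample.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{D0C1B2A3-0000-4000-8000-000000000001}"},
    {"EventID": 13, "Image": "C:\\Users\\victim\\Desktop\\sample.exe",
     "TargetObject": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\EnableFirewall",
     "Details": "DWORD (0x00000000)"},
    {"EventID": 11, "Image": "C:\\Users\\victim\\Desktop\\sample.exe",
     "TargetFilename": "C:\\Users\\victim\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\update.lnk"},
    # Benign noise: Explorer updating one of its own view settings.
    {"EventID": 13, "Image": "C:\\Windows\\explorer.exe",
     "TargetObject": "HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden",
     "Details": "DWORD (0x00000001)"},
]

# (rule name, accepted EventIDs, event field to inspect, path pattern).
# The names mirror the sandbox signatures; the paths are the usual Windows
# locations for each behaviour (assumed mapping, see lead-in).
RULES = [
    ("Adds Run key to start application", {13}, "TargetObject",
     re.compile(r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("Installs/modifies Browser Helper Object", {12, 13}, "TargetObject",
     re.compile(r"\\Explorer\\Browser Helper Objects\\\{[0-9A-F-]{36}\}", re.I)),
    ("Modifies Windows Firewall / firewall policy service", {12, 13}, "TargetObject",
     re.compile(r"\\Services\\(SharedAccess|MpsSvc)\\", re.I)),
    ("Drops startup file", {11}, "TargetFilename",
     re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)),
]


def match_event(event):
    """Return the names of every rule the event satisfies (empty list if none)."""
    hits = []
    for name, event_ids, field, pattern in RULES:
        if event["EventID"] in event_ids and pattern.search(event.get(field, "")):
            hits.append(name)
    return hits


def triage(events):
    """Group the matching events under the rule name they triggered."""
    findings = defaultdict(list)
    for ev in events:
        for name in match_event(ev):
            findings[name].append(ev)
    return dict(findings)


def suspicious_images(events, min_rules=2):
    """Process images that trigger at least `min_rules` distinct rules.

    A single Run key is common in legitimate installers; persistence plus a
    firewall change from the same binary is the combination worth escalating."""
    per_image = defaultdict(set)
    for ev in events:
        for name in match_event(ev):
            per_image[ev["Image"]].add(name)
    return sorted(img for img, names in per_image.items() if len(names) >= min_rules)


if __name__ == "__main__":
    for name, evs in triage(SAMPLE_EVENTS).items():
        print(f"[{name}] {len(evs)} event(s)")
        for ev in evs:
            print("   ", ev["Image"], "->", ev.get("TargetObject") or ev.get("TargetFilename"))
    print("Images to escalate:", suspicious_images(SAMPLE_EVENTS))
```

Feeding real data means replacing SAMPLE_EVENTS with parsed Sysmon records (for example from an EVTX or SIEM export) that carry the same `EventID`, `Image`, `TargetObject` and `TargetFilename` fields; the rules themselves do not change.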

MITRE ATT&CK Enterprise v15