General
-
Target
1c8f85c01371065706aeaf566960dba1_JaffaCakes118
-
Size
288KB
-
Sample
240701-1bty7avcjj
-
MD5
1c8f85c01371065706aeaf566960dba1
-
SHA1
308f2995eb305f3ba854cbb6a314a62905df87e8
-
SHA256
f0efafa624cd5f05829812dfbfd90fad13974a77187298a680f0d0e1d14112be
-
SHA512
86f3b3478fe5372e4ea8600fc9f3a30beed6f5dd862f4cc501ae4181f24127f975ea63236fe6ab56ef81ce71c479b66a7673778e6b42e8a96a45bcbd80b8d0a4
-
SSDEEP
6144:yDdP8hmysz6ER1zUizyIWh5XhTBUcoPpHJADd:iP8hm1G4zbeJhTixP56Dd
Malware Config
Targets
-
-
Target
1c8f85c01371065706aeaf566960dba1_JaffaCakes118
-
Size
288KB
-
MD5
1c8f85c01371065706aeaf566960dba1
-
SHA1
308f2995eb305f3ba854cbb6a314a62905df87e8
-
SHA256
f0efafa624cd5f05829812dfbfd90fad13974a77187298a680f0d0e1d14112be
-
SHA512
86f3b3478fe5372e4ea8600fc9f3a30beed6f5dd862f4cc501ae4181f24127f975ea63236fe6ab56ef81ce71c479b66a7673778e6b42e8a96a45bcbd80b8d0a4
-
SSDEEP
6144:yDdP8hmysz6ER1zUizyIWh5XhTBUcoPpHJADd:iP8hm1G4zbeJhTixP56Dd
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1