General

  • Target

    28aef35f8c0d8e47c8941d8e793c9658_JaffaCakes118

  • Size

    252KB

  • Sample

    240706-s22gystanr

  • MD5

    28aef35f8c0d8e47c8941d8e793c9658

  • SHA1

    a873dd06d6b780730f11b324386fc17b275ef6a2

  • SHA256

    c4d5038d27d3ebf19646addd4841f00624bddab48da2f334adbf438b79e2149b

  • SHA512

    158715cf3c4b4a670ff61422824dab198dc7ad1a990f2486927592e42983ad468ab41a11864678e727b76c0433ea23bce5ce060836b68d98f527d20acca8d9ac

  • SSDEEP

    3072:5z732vID7NYWvmySFOjWNsii1LPXyCrNG+JkL7jSO2YdD7QQ+6Z/Bodrh0iv00VR:5GvIN94qdisAt3gNbwJoduy/mqgGcSu2

Malware Config

Targets

    • Modifies firewall policy service

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks