25520352d9d3dc9ce13f400f7a59247fcf8eb181f269df0bccebbc46374f6ef5 | Triage

Sharing

General

Target

28a12a4ecc9ff2f124fcc489a6d5208a_JaffaCakes118
Size

298KB
Sample

240706-sp4fsasdjq
MD5

28a12a4ecc9ff2f124fcc489a6d5208a
SHA1

373eca85c1a9df0d63ff1fa40eb31e7ca8e27fc3
SHA256

25520352d9d3dc9ce13f400f7a59247fcf8eb181f269df0bccebbc46374f6ef5
SHA512

d21c4c660af042ec3ed174ab63324f4600e9d2837f3d6d35992822489edb69fc12c639ac758fc9a2fbcfe3530d01686a73d5846b5f84e79e8d8ee9436cfcda2d
SSDEEP

6144:pEvZpfHI8ELN8BLXm6utjcGuVuyagzo6JgICdPwgbgo1pVIk:snONGLXC4uDio6e18o1DIk

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  28a12a4ecc9ff2f124fcc489a6d5208a_JaffaCakes118
- Size
  
  298KB
- MD5
  
  28a12a4ecc9ff2f124fcc489a6d5208a
- SHA1
  
  373eca85c1a9df0d63ff1fa40eb31e7ca8e27fc3
- SHA256
  
  25520352d9d3dc9ce13f400f7a59247fcf8eb181f269df0bccebbc46374f6ef5
- SHA512
  
  d21c4c660af042ec3ed174ab63324f4600e9d2837f3d6d35992822489edb69fc12c639ac758fc9a2fbcfe3530d01686a73d5846b5f84e79e8d8ee9436cfcda2d
- SSDEEP
  
  6144:pEvZpfHI8ELN8BLXm6utjcGuVuyagzo6JgICdPwgbgo1pVIk:snONGLXC4uDio6e18o1DIk
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2