General
-
Target
6865aa2ddc9e16981ebc8e2f3e47b747_JaffaCakes118
-
Size
733KB
-
Sample
240723-vbj64azcpj
-
MD5
6865aa2ddc9e16981ebc8e2f3e47b747
-
SHA1
aecc5653da6f6b686f458229f6319fb74946a5bb
-
SHA256
5b18abe94f214848e4c92d0aaf0e95994f8bb0e7a5fc434d78e3f3798889cb28
-
SHA512
6460f3262a89204a8bd2122d96ac2be1eea35d989581957290d7d0fb0953079c1abfd26ed1abb11029278a1078a6d1a6e5a548485219c934847598e5d15cb912
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5fAdmxQDgGeItGBV07XpWZhASRXHYnrmN:1VpUFRUgoOwOY5fAqQlFtWVAqRXHYrmN
Malware Config
Targets
-
-
Target
6865aa2ddc9e16981ebc8e2f3e47b747_JaffaCakes118
-
Size
733KB
-
MD5
6865aa2ddc9e16981ebc8e2f3e47b747
-
SHA1
aecc5653da6f6b686f458229f6319fb74946a5bb
-
SHA256
5b18abe94f214848e4c92d0aaf0e95994f8bb0e7a5fc434d78e3f3798889cb28
-
SHA512
6460f3262a89204a8bd2122d96ac2be1eea35d989581957290d7d0fb0953079c1abfd26ed1abb11029278a1078a6d1a6e5a548485219c934847598e5d15cb912
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5fAdmxQDgGeItGBV07XpWZhASRXHYnrmN:1VpUFRUgoOwOY5fAqQlFtWVAqRXHYrmN
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1