General
-
Target
69f3b0f81b63357391f8f44de001d966_JaffaCakes118
-
Size
728KB
-
Sample
240724-c5j43stdlk
-
MD5
69f3b0f81b63357391f8f44de001d966
-
SHA1
cf9e9ea2395cd6e940ff05b97fe89aa4ca72e5b3
-
SHA256
d3acf108357858e384939ac28508e0608a90880549a0252579909efce87c8438
-
SHA512
81af2a704eb231916717359656d0368ffe23f34b4ef2e924834b49ae1c434b104bce3c0ad8588503ed79bae3222846bbcf70b8ce14515981cae46bc8670e28b5
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXC/meGDgGeItoEc9GspWZhASRXHYnrmU:lEc8H5fMLN2Kb7CrGlFtov9GsqRXHYrf
Malware Config
Targets
-
-
Target
69f3b0f81b63357391f8f44de001d966_JaffaCakes118
-
Size
728KB
-
MD5
69f3b0f81b63357391f8f44de001d966
-
SHA1
cf9e9ea2395cd6e940ff05b97fe89aa4ca72e5b3
-
SHA256
d3acf108357858e384939ac28508e0608a90880549a0252579909efce87c8438
-
SHA512
81af2a704eb231916717359656d0368ffe23f34b4ef2e924834b49ae1c434b104bce3c0ad8588503ed79bae3222846bbcf70b8ce14515981cae46bc8670e28b5
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXC/meGDgGeItoEc9GspWZhASRXHYnrmU:lEc8H5fMLN2Kb7CrGlFtov9GsqRXHYrf
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1