General
-
Target
6fb41d8a6ec15957a722aedc15aa3d78_JaffaCakes118
-
Size
728KB
-
Sample
240725-qdk4ystbjg
-
MD5
6fb41d8a6ec15957a722aedc15aa3d78
-
SHA1
37d87a86b0e114cbc8a9defe5f88f7a1177ae0a8
-
SHA256
a1449fbec25165b03404330426ef7ea0d772ae10979c5ae2a4589d629ecd6a69
-
SHA512
1cddcc1014ba6b94177c8d975c282d9083d902855bedde5340ca32a573eea221bf47d34d14d0b5bcb425cb505e12f861c683e0d5990de4a3cc25b93813a3de42
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXn/meGDgGeItoEc9GspWZhASRXHYnrmr:lEc8H5fMLN2Kb7nrGlFtov9GsqRXHYrU
Malware Config
Targets
-
-
Target
6fb41d8a6ec15957a722aedc15aa3d78_JaffaCakes118
-
Size
728KB
-
MD5
6fb41d8a6ec15957a722aedc15aa3d78
-
SHA1
37d87a86b0e114cbc8a9defe5f88f7a1177ae0a8
-
SHA256
a1449fbec25165b03404330426ef7ea0d772ae10979c5ae2a4589d629ecd6a69
-
SHA512
1cddcc1014ba6b94177c8d975c282d9083d902855bedde5340ca32a573eea221bf47d34d14d0b5bcb425cb505e12f861c683e0d5990de4a3cc25b93813a3de42
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXn/meGDgGeItoEc9GspWZhASRXHYnrmr:lEc8H5fMLN2Kb7nrGlFtov9GsqRXHYrU
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1