General
Target: 7332b68baf8ae269b17369e4f727e520_JaffaCakes118
Size: 731KB
Sample: 240726-jtq7ksvgqm
MD5: 7332b68baf8ae269b17369e4f727e520
SHA1: a469581cf7e593de0eb71370896db85ab6cab146
SHA256: 11cf8515b40b801292b4f79b44ca58b48cc82214931c1327e2593ddc2f745bff
SHA512: a8e13b690ea8fa7bc38c2221c04b0ff6dc104ef331e8307cf9cdbef9281af9966d1243f2d66a338e6ac18540f9a3aea4d90c2bb8578bdbe7b30c79d7e7ddaf1e
SSDEEP: 12288:Jaingtd/9iCpVEZxzraxdUdpmtFmjnDgGeIttwoPR5pWZhAIRXHYnrmj:JaigD/ArravUdstwnlFttwYQRXHYrmj
Static task: static1
Behavioral task: behavioral1
Sample: 7332b68baf8ae269b17369e4f727e520_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 7332b68baf8ae269b17369e4f727e520_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 7332b68baf8ae269b17369e4f727e520_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1