General
-
Target
738bb2226b61934ec80c5875fb0f34b8_JaffaCakes118
-
Size
766KB
-
Sample
240726-ltvk4szeqn
-
MD5
738bb2226b61934ec80c5875fb0f34b8
-
SHA1
7297d145e8b159bbaa3d3eceaff96331495d3fbc
-
SHA256
d16a9e967fe1b1a87d8c378c6a3e79ae27f871370d81232d1b1cbc40208c0cf2
-
SHA512
22770ac42f978f56c24ab465960464ccbd960f2fe6a40f6677f47e2c5aec91ce3cfb5ed1b242da32910976836a9962bc898039e32218751076f2b62484b7b3ee
-
SSDEEP
12288:Z2qmS5hErmwtWU35YX+je1oksxOvab819qB6T9eRMwG6sq:Yq1hOtrYXDoksxOvab819qBO9e7G6v
Malware Config
Targets
-
-
Target
738bb2226b61934ec80c5875fb0f34b8_JaffaCakes118
-
Size
766KB
-
MD5
738bb2226b61934ec80c5875fb0f34b8
-
SHA1
7297d145e8b159bbaa3d3eceaff96331495d3fbc
-
SHA256
d16a9e967fe1b1a87d8c378c6a3e79ae27f871370d81232d1b1cbc40208c0cf2
-
SHA512
22770ac42f978f56c24ab465960464ccbd960f2fe6a40f6677f47e2c5aec91ce3cfb5ed1b242da32910976836a9962bc898039e32218751076f2b62484b7b3ee
-
SSDEEP
12288:Z2qmS5hErmwtWU35YX+je1oksxOvab819qB6T9eRMwG6sq:Yq1hOtrYXDoksxOvab819qBO9e7G6v
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1