General
Target: 86bc8435236e1345103bea531f8c74a7_JaffaCakes118
Size: 818KB
Sample: 240810-tkdv1axakl
MD5: 86bc8435236e1345103bea531f8c74a7
SHA1: 29470f47720c3cd5e1a290e07ac998da6ad4f569
SHA256: c84f8848b48987330498c7d35d0fc509a9452c99067219648c9d4d9f33ed2e61
SHA512: d223e820873d2ee00b60e8f55977081a217b3c2108ae3a96bcaf439ce715fda54f23524f02d4a6302f74b9b7b17f0f720ebdcffdd2921fbe7a5c56a71007126f
SSDEEP: 24576:KPEUOypp6swmemlFL1PHEJlFtov9G/6bqSqRXHYrmr:RULLY3Q9GibfYHYE
Static task: static1
Behavioral task: behavioral1
Sample: 86bc8435236e1345103bea531f8c74a7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 86bc8435236e1345103bea531f8c74a7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 86bc8435236e1345103bea531f8c74a7_JaffaCakes118
Modifies Windows Firewall

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)