General
Target: 8dd9222c722c8e0ac8aa174aa8d091a7_JaffaCakes118
Size: 733KB
Sample: 240812-jarn1avgqh
MD5: 8dd9222c722c8e0ac8aa174aa8d091a7
SHA1: b29bb2d1bac0a54cfe60f7bb2dc22fc641314211
SHA256: 1b6cb188f6db91487d0774dc36129d0cb09145bf4f3a03456050cfe0979a4d3d
SHA512: 505e6f17302184d4abdb9f0fc31f63f51a131ade38f27426aa18f1330c723fe779f34108be1a0cf1ced316b06a8d9285745b9c0051208ed2eaf6eb96dc4f8391
SSDEEP: 12288:13Fpj4rBRLukn+zKg2oOR2OQl5KAdmxQDgGeItGBV07XpWZhASRXHYnrmK:1VpUFRUgoOwOY5KAqQlFtWVAqRXHYrmK
Static task: static1
Behavioral task: behavioral1
Sample: 8dd9222c722c8e0ac8aa174aa8d091a7_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 8dd9222c722c8e0ac8aa174aa8d091a7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
8dd9222c722c8e0ac8aa174aa8d091a7_JaffaCakes118
Modifies Windows Firewall
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1