General
-
Target
95fa4fcc5457f0e460a4c78f5a1db666_JaffaCakes118
-
Size
731KB
-
Sample
240814-nykb2szhkc
-
MD5
95fa4fcc5457f0e460a4c78f5a1db666
-
SHA1
42790837972979c5368b381c0baae99230f63cbb
-
SHA256
cf37ac15ca29da24e5db4bb7656de43e63703dff97a01bd01636d02fdbeb5047
-
SHA512
5e9b3f4ce35f343f4035995fff2292b85bb77842f08ffdb334287c15bfaa809fc2b018be119e7b381a916adaaa90ee73964d53be8bd95d1dbdf55f47c933fc22
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmhFmjnDgGeIttwoPR5pWZhAIRXHYnrmD:JaigD/ArravUdshwnlFttwYQRXHYrmD
Malware Config
Targets
-
-
Target
95fa4fcc5457f0e460a4c78f5a1db666_JaffaCakes118
-
Size
731KB
-
MD5
95fa4fcc5457f0e460a4c78f5a1db666
-
SHA1
42790837972979c5368b381c0baae99230f63cbb
-
SHA256
cf37ac15ca29da24e5db4bb7656de43e63703dff97a01bd01636d02fdbeb5047
-
SHA512
5e9b3f4ce35f343f4035995fff2292b85bb77842f08ffdb334287c15bfaa809fc2b018be119e7b381a916adaaa90ee73964d53be8bd95d1dbdf55f47c933fc22
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmhFmjnDgGeIttwoPR5pWZhAIRXHYnrmD:JaigD/ArravUdshwnlFttwYQRXHYrmD
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1