General
-
Target
9678642488b4baa45240d4c9aebb7ff5_JaffaCakes118
-
Size
731KB
-
Sample
240814-rs5mksxcjd
-
MD5
9678642488b4baa45240d4c9aebb7ff5
-
SHA1
8e41b44fee545785277a76cbce66d5f0f7c93454
-
SHA256
34f88e8073037bee0c4de62c1cb0cc3acb336ee9b32ed04384dadc0d407617c8
-
SHA512
7356e6c0b508c38012357026f26fd032b7be7c67a32d423c5138da54461f82cc301fae578fc20a9f903c781ab16099379158d73481f8706d4f4a5938e3183879
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmNFmjnDgGeIttwoPR5pWZhAIRXHYnrmr:JaigD/ArravUdsNwnlFttwYQRXHYrmr
Malware Config
Targets
-
-
Target
9678642488b4baa45240d4c9aebb7ff5_JaffaCakes118
-
Size
731KB
-
MD5
9678642488b4baa45240d4c9aebb7ff5
-
SHA1
8e41b44fee545785277a76cbce66d5f0f7c93454
-
SHA256
34f88e8073037bee0c4de62c1cb0cc3acb336ee9b32ed04384dadc0d407617c8
-
SHA512
7356e6c0b508c38012357026f26fd032b7be7c67a32d423c5138da54461f82cc301fae578fc20a9f903c781ab16099379158d73481f8706d4f4a5938e3183879
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmNFmjnDgGeIttwoPR5pWZhAIRXHYnrmr:JaigD/ArravUdsNwnlFttwYQRXHYrmr
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1