General
-
Target
970fb95018e770e51e883939681daf22_JaffaCakes118
-
Size
728KB
-
Sample
240814-wdw44svfma
-
MD5
970fb95018e770e51e883939681daf22
-
SHA1
cbd8b6fa6550416452eaef74737a3abc1bcff6fa
-
SHA256
06fb9043e57c31ea42a0cc2d6cc5d17776d78c8b8cf5fc6177da48206d99ae41
-
SHA512
5c47bc448146483defeddb736c563ff3187f7f29bda6428a2b57eae9179d9bd35512be8e7806c1e13ed274114abed423efbe44924771ead1612da75d55acb801
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXR/meGDgGeItoEc9GspWZhASRXHYnrmB:lEc8H5fMLN2Kb7RrGlFtov9GsqRXHYru
Malware Config
Targets
-
-
Target
970fb95018e770e51e883939681daf22_JaffaCakes118
-
Size
728KB
-
MD5
970fb95018e770e51e883939681daf22
-
SHA1
cbd8b6fa6550416452eaef74737a3abc1bcff6fa
-
SHA256
06fb9043e57c31ea42a0cc2d6cc5d17776d78c8b8cf5fc6177da48206d99ae41
-
SHA512
5c47bc448146483defeddb736c563ff3187f7f29bda6428a2b57eae9179d9bd35512be8e7806c1e13ed274114abed423efbe44924771ead1612da75d55acb801
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXR/meGDgGeItoEc9GspWZhASRXHYnrmB:lEc8H5fMLN2Kb7RrGlFtov9GsqRXHYru
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1