General
-
Target
a00890657d0bd3da583ebd0fa6094d29_JaffaCakes118
-
Size
728KB
-
Sample
240816-1hlw6aydqc
-
MD5
a00890657d0bd3da583ebd0fa6094d29
-
SHA1
f5ec5c9a213f4024c30b20862a883a90812c5e68
-
SHA256
681f6ab48060c5bb52583d582c0995bf7925d0f3502f7cc81f48cedcccca2cbd
-
SHA512
50098725ee2e77627f8b2a9101bfcacb27a25163633899e04c98f33f7f7cf1a7beb101787efb2a9cb9afc6cca557f86f3a82803bb79e85245c1cc52af93a9910
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXd/meGDgGeItoEc9GspWZhASRXHYnrmX:lEc8H5fMLN2Kb7drGlFtov9GsqRXHYrs
Malware Config
Targets
-
-
Target
a00890657d0bd3da583ebd0fa6094d29_JaffaCakes118
-
Size
728KB
-
MD5
a00890657d0bd3da583ebd0fa6094d29
-
SHA1
f5ec5c9a213f4024c30b20862a883a90812c5e68
-
SHA256
681f6ab48060c5bb52583d582c0995bf7925d0f3502f7cc81f48cedcccca2cbd
-
SHA512
50098725ee2e77627f8b2a9101bfcacb27a25163633899e04c98f33f7f7cf1a7beb101787efb2a9cb9afc6cca557f86f3a82803bb79e85245c1cc52af93a9910
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXd/meGDgGeItoEc9GspWZhASRXHYnrmX:lEc8H5fMLN2Kb7drGlFtov9GsqRXHYrs
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1