General
-
Target
a13be3360ad5b853ca71bae6d8bc1605_JaffaCakes118
-
Size
728KB
-
Sample
240817-fagx1s1bjp
-
MD5
a13be3360ad5b853ca71bae6d8bc1605
-
SHA1
0081e5795ccb44af9423b8aef92ae8c082e453dc
-
SHA256
588c38f2768d996a914d092b1c83b2bc63c77927824dc93de6f5c48baf432e7a
-
SHA512
cd7b0b6fafd6765b15061e55ae25d18d592392d9bbb26216634ea3e73b05bc5a47148c86d74e62980d705787c25d84f1d6ff359757b622acc053b65600d62f80
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX9/meGDgGeItoEc9GspWZhASRXHYnrm3:lEc8H5fMLN2Kb79rGlFtov9GsqRXHYro
Static task
static1
Behavioral task
behavioral1
Sample
a13be3360ad5b853ca71bae6d8bc1605_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a13be3360ad5b853ca71bae6d8bc1605_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
a13be3360ad5b853ca71bae6d8bc1605_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)