General
-
Target
a1a4f0f09d4ca069e7119a6948eb9b0a_JaffaCakes118
-
Size
733KB
-
Sample
240817-h5n1xstdpf
-
MD5
a1a4f0f09d4ca069e7119a6948eb9b0a
-
SHA1
212f2c43d1b9c2e4a2f81b7f1170973a1eafdc53
-
SHA256
10d45a2718adcd326747ef6fac03fe635e06884bf1b3c01a6eac0a4e4308554b
-
SHA512
c36a136225adcefd4039d0ecd9062b8e93d09ec837d3f3b1c98f28b87d47db45de173dbc9c7a40d33e113e5d2d899eea7600dafa7392cd42febd54f5a319eafe
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl51AdmxQDgGeItGBV07XpWZhASRXHYnrmV:1VpUFRUgoOwOY51AqQlFtWVAqRXHYrmV
Static task
static1
Behavioral task
behavioral1
Sample
a1a4f0f09d4ca069e7119a6948eb9b0a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a1a4f0f09d4ca069e7119a6948eb9b0a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a1a4f0f09d4ca069e7119a6948eb9b0a_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1