General
-
Target
a862446395a85cdfecae13666d240844_JaffaCakes118
-
Size
1.8MB
-
Sample
240818-1xkbwaxaqh
-
MD5
a862446395a85cdfecae13666d240844
-
SHA1
aa94ea9345454e29845d4c859535ef80680d9639
-
SHA256
3889152f2513ea53ca49d80ded00192de562cb3457f69902eb9c6ed7d8a46b0c
-
SHA512
353f00dbbf042a009c2fcec2c895c14b8ba4dffd6008957890cd7f23cbacbd4535e0de427ef55f3fe5687a9af14ba4b4c258adbd62d4134cc5d8dad4205bce88
-
SSDEEP
49152:+CnbwOzuSAP4B4Sgtay3XRpNpvHeKxh69DNLPAHAXDHR03Vt/Y9yYtq:pnsOSSAPFSuvpGKxU9Dx6AX2tO3q
Malware Config
Targets
-
-
Target
a862446395a85cdfecae13666d240844_JaffaCakes118
-
Size
1.8MB
-
MD5
a862446395a85cdfecae13666d240844
-
SHA1
aa94ea9345454e29845d4c859535ef80680d9639
-
SHA256
3889152f2513ea53ca49d80ded00192de562cb3457f69902eb9c6ed7d8a46b0c
-
SHA512
353f00dbbf042a009c2fcec2c895c14b8ba4dffd6008957890cd7f23cbacbd4535e0de427ef55f3fe5687a9af14ba4b4c258adbd62d4134cc5d8dad4205bce88
-
SSDEEP
49152:+CnbwOzuSAP4B4Sgtay3XRpNpvHeKxh69DNLPAHAXDHR03Vt/Y9yYtq:pnsOSSAPFSuvpGKxU9Dx6AX2tO3q
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1