General
-
Target
a5e4ad6b472aa0eda06a56bc7c583e63_JaffaCakes118
-
Size
728KB
-
Sample
240818-h9lrcssfjg
-
MD5
a5e4ad6b472aa0eda06a56bc7c583e63
-
SHA1
1d0795b351d061fffd9c5cbf11f5ca414dcbb71a
-
SHA256
7e5712cd6831dff567574867b494baa18e51a74614ded3909abecad545a20af1
-
SHA512
3d05390ace708a3630160fe2439aa758ec612aa42367292500214ef6fa2bafa919428420c22ab32f0c9a67534c602e02017113650f296ab05cdb8109b88920f8
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX3/meGDgGeItoEc9GspWZhASRXHYnrm4:lEc8H5fMLN2Kb73rGlFtov9GsqRXHYr7
Malware Config
Targets
-
-
Target
a5e4ad6b472aa0eda06a56bc7c583e63_JaffaCakes118
-
Size
728KB
-
MD5
a5e4ad6b472aa0eda06a56bc7c583e63
-
SHA1
1d0795b351d061fffd9c5cbf11f5ca414dcbb71a
-
SHA256
7e5712cd6831dff567574867b494baa18e51a74614ded3909abecad545a20af1
-
SHA512
3d05390ace708a3630160fe2439aa758ec612aa42367292500214ef6fa2bafa919428420c22ab32f0c9a67534c602e02017113650f296ab05cdb8109b88920f8
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX3/meGDgGeItoEc9GspWZhASRXHYnrm4:lEc8H5fMLN2Kb73rGlFtov9GsqRXHYr7
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1