General
-
Target
a5d824807cfcf5766d578ede327da0b5_JaffaCakes118
-
Size
728KB
-
Sample
240818-hymvaavdql
-
MD5
a5d824807cfcf5766d578ede327da0b5
-
SHA1
0f479834ea60b0c8741c4a5b07e967c02fca833f
-
SHA256
cfb90ac9d12ae9eb5b0d6818c7eff1b37dfcb0a86d34cb763cc52c5c077b674b
-
SHA512
0a481b27a7ca0646b2d2b0ac5899e101b2945b5ac1214914fd7673a4c71623be1b9ab4f00d20624638ac9cab62f4f7d271fc1a43d7593ccd4d1fb9e82f78d5c6
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXr/meGDgGeItoEc9GspWZhASRXHYnrmt:lEc8H5fMLN2Kb7rrGlFtov9GsqRXHYri
Malware Config
Targets
-
-
Target
a5d824807cfcf5766d578ede327da0b5_JaffaCakes118
-
Size
728KB
-
MD5
a5d824807cfcf5766d578ede327da0b5
-
SHA1
0f479834ea60b0c8741c4a5b07e967c02fca833f
-
SHA256
cfb90ac9d12ae9eb5b0d6818c7eff1b37dfcb0a86d34cb763cc52c5c077b674b
-
SHA512
0a481b27a7ca0646b2d2b0ac5899e101b2945b5ac1214914fd7673a4c71623be1b9ab4f00d20624638ac9cab62f4f7d271fc1a43d7593ccd4d1fb9e82f78d5c6
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXr/meGDgGeItoEc9GspWZhASRXHYnrmt:lEc8H5fMLN2Kb7rrGlFtov9GsqRXHYri
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1