General
-
Target
a6a6554bfda1905530181bea932fae95_JaffaCakes118
-
Size
728KB
-
Sample
240818-nw5j7svgjl
-
MD5
a6a6554bfda1905530181bea932fae95
-
SHA1
6e15bf07b76de23fbf3c1b8192e8a3a8a0c3f691
-
SHA256
0d58007daa54a893cd5b518a4760abca47ebc48ec0fbbbc9717c834e94fa81cf
-
SHA512
6ecf8c54b2f805f897222b0928d57476e55a3751d4133240bdfa480d705f2acdfd55602ce24c39f1ba32065522d5ce653b84533b208d86411e7343477f92c78d
-
SSDEEP
12288:z2/I3CMZC4u8YBbY5zgHWHmt8qMbmmcKDgGeItoEc9GspWZhASRXHYnrmX:z2QSmCrmgHCmKqMbkKlFtov9GsqRXHYQ
Malware Config
Targets
-
-
Target
a6a6554bfda1905530181bea932fae95_JaffaCakes118
-
Size
728KB
-
MD5
a6a6554bfda1905530181bea932fae95
-
SHA1
6e15bf07b76de23fbf3c1b8192e8a3a8a0c3f691
-
SHA256
0d58007daa54a893cd5b518a4760abca47ebc48ec0fbbbc9717c834e94fa81cf
-
SHA512
6ecf8c54b2f805f897222b0928d57476e55a3751d4133240bdfa480d705f2acdfd55602ce24c39f1ba32065522d5ce653b84533b208d86411e7343477f92c78d
-
SSDEEP
12288:z2/I3CMZC4u8YBbY5zgHWHmt8qMbmmcKDgGeItoEc9GspWZhASRXHYnrmX:z2QSmCrmgHCmKqMbkKlFtov9GsqRXHYQ
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1