General
-
Target
a8ed0ea54cf252800cb0877070b17263_JaffaCakes118
-
Size
728KB
-
Sample
240819-a9rzdayapl
-
MD5
a8ed0ea54cf252800cb0877070b17263
-
SHA1
f61fa96cdb10b8bb347285ec3d4df6bfe515299a
-
SHA256
fd463007046f3827dca9cc0f8af74f5ad61e3a70f1692ff722b35e32ea5b4a22
-
SHA512
a866278743fd45c9effe187e23c7b3e8aaecfa17e6f33de38a8b3326eedc8ed01455147dee2c4e6dc4991787bb246fb0f3e738043500e68c4c5bb1b535df937f
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX1/meGDgGeItoEc9GspWZhASRXHYnrmn:lEc8H5fMLN2Kb71rGlFtov9GsqRXHYro
Malware Config
Targets
-
-
Target
a8ed0ea54cf252800cb0877070b17263_JaffaCakes118
-
Size
728KB
-
MD5
a8ed0ea54cf252800cb0877070b17263
-
SHA1
f61fa96cdb10b8bb347285ec3d4df6bfe515299a
-
SHA256
fd463007046f3827dca9cc0f8af74f5ad61e3a70f1692ff722b35e32ea5b4a22
-
SHA512
a866278743fd45c9effe187e23c7b3e8aaecfa17e6f33de38a8b3326eedc8ed01455147dee2c4e6dc4991787bb246fb0f3e738043500e68c4c5bb1b535df937f
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX1/meGDgGeItoEc9GspWZhASRXHYnrmn:lEc8H5fMLN2Kb71rGlFtov9GsqRXHYro
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1