General
Target
ab3ccd35a090ebaf853f04da863fc7f2_JaffaCakes118
Size
728KB
Sample
240819-qxwpsszgrp
MD5
ab3ccd35a090ebaf853f04da863fc7f2
SHA1
f3a2c97cdc5db11b0aea52c4f8c027176edd4182
SHA256
f3c1bee2b2907366a1a35e288b64fd9b8510bcfb0184085729334f2dcf2121e0
SHA512
4593de22cf66e05645e5057a15dd43f518efb355cd94f8b7b21d127b2cf960f8d177d3d981eaf38d8f613abe72df8639720e2ad156b75b24d4a895ac85896240
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXw/meGDgGeItoEc9GspWZhASRXHYnrmM:lEc8H5fMLN2Kb7wrGlFtov9GsqRXHYrn
Static task
static1
Behavioral task
behavioral1
Sample
ab3ccd35a090ebaf853f04da863fc7f2_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ab3ccd35a090ebaf853f04da863fc7f2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Modifies Windows Firewall
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)