General
-
Target
b0d807f73cc1807df5984931558870bc_JaffaCakes118
-
Size
728KB
-
Sample
240820-zyr8fatbpd
-
MD5
b0d807f73cc1807df5984931558870bc
-
SHA1
45d444b5e1536927cce23771cc51736294719a57
-
SHA256
123a1eb6a1b993f57873ac8f5eb246ec3ede2ff7ee302a09037c3564fe6f13d0
-
SHA512
682709b92ef1fb784f09249400b9f4314565c571b9dab0672279e8eac5cbb7c75bcf7b766ef7ae9f4d062ff9251e8a96fabbb2876a47d6aff11cc76146e52479
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX8/meGDgGeItoEc9GspWZhASRXHYnrmU:lEc8H5fMLN2Kb78rGlFtov9GsqRXHYrb
Static task
static1
Behavioral task
behavioral1
Sample
b0d807f73cc1807df5984931558870bc_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b0d807f73cc1807df5984931558870bc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b0d807f73cc1807df5984931558870bc_JaffaCakes118
-
Size
728KB
-
MD5
b0d807f73cc1807df5984931558870bc
-
SHA1
45d444b5e1536927cce23771cc51736294719a57
-
SHA256
123a1eb6a1b993f57873ac8f5eb246ec3ede2ff7ee302a09037c3564fe6f13d0
-
SHA512
682709b92ef1fb784f09249400b9f4314565c571b9dab0672279e8eac5cbb7c75bcf7b766ef7ae9f4d062ff9251e8a96fabbb2876a47d6aff11cc76146e52479
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX8/meGDgGeItoEc9GspWZhASRXHYnrmU:lEc8H5fMLN2Kb78rGlFtov9GsqRXHYrb
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1