General
-
Target
b3c339c4751c45cc9a59032e6d0b343f_JaffaCakes118
-
Size
731KB
-
Sample
240821-rer5bswbpr
-
MD5
b3c339c4751c45cc9a59032e6d0b343f
-
SHA1
25e61947438a41a6b5d56e3fd4d44012c6641019
-
SHA256
48076ab3018a0a1c79e3a20a636888e2b775131df00e9988cf8333ad1061ed55
-
SHA512
ced10ba9c6fc002f9656524fc296beb4783ea7deb37bcc2f19af17722ba937b9c72c3725092b8707f888e5cb93dacd605ecd53afc89667bc38d4791774fa5bdc
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmPFmjnDgGeIttwoPR5pWZhAIRXHYnrm/:JaigD/ArravUdsPwnlFttwYQRXHYrm/
Malware Config
Targets
-
-
Target
b3c339c4751c45cc9a59032e6d0b343f_JaffaCakes118
-
Size
731KB
-
MD5
b3c339c4751c45cc9a59032e6d0b343f
-
SHA1
25e61947438a41a6b5d56e3fd4d44012c6641019
-
SHA256
48076ab3018a0a1c79e3a20a636888e2b775131df00e9988cf8333ad1061ed55
-
SHA512
ced10ba9c6fc002f9656524fc296beb4783ea7deb37bcc2f19af17722ba937b9c72c3725092b8707f888e5cb93dacd605ecd53afc89667bc38d4791774fa5bdc
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmPFmjnDgGeIttwoPR5pWZhAIRXHYnrm/:JaigD/ArravUdsPwnlFttwYQRXHYrm/
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1