General
-
Target
b60835456231a63b7991b239aa7371b8_JaffaCakes118
-
Size
783KB
-
Sample
240822-c4h6dsyamn
-
MD5
b60835456231a63b7991b239aa7371b8
-
SHA1
f04a2a8a03e9b72d1970a9c8517bcc78df9b1f60
-
SHA256
2861ed49c3d6112f9136717d95f9349aee35eca3209f232fd3d9e36f5b7c5df4
-
SHA512
cc8b54dc2e8ff0f814e83cc2baff10f44defc465aa23d99f32f0db4364841c6b4ee7e9f598f39c95b03854a95f43d23f607a17d6d11bd0ade3b3cd002aac84ce
-
SSDEEP
24576:xyrSMgIRRD9lcT1w1mlFtWVqrqRXHYrmY:Mr1HoR3WVqrYHYf
Static task
static1
Behavioral task
behavioral1
Sample
b60835456231a63b7991b239aa7371b8_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b60835456231a63b7991b239aa7371b8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b60835456231a63b7991b239aa7371b8_JaffaCakes118
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1