General
-
Target
b6ac2db7d71c9c8b08732a1c098cea8d_JaffaCakes118
-
Size
734KB
-
Sample
240822-haj4gswflq
-
MD5
b6ac2db7d71c9c8b08732a1c098cea8d
-
SHA1
569994b1d15459275f5c7f422f24eb78c64a3984
-
SHA256
8af06fd2a73bde2112266b10a46b4f6cf606d5833a120a40d341136872ccf930
-
SHA512
c97c808263756339b996c622792d5a1098c64b28dfa2020a244f86985dc3ba51e48595cdb80402c3099a1905f11b654ca27cf7f291cf092c721e78c3374c4c52
-
SSDEEP
12288:bkZMrKuT9eES2EGfKMlAvDuicrvXvKmtKDgGeIttwoPR5pWZhAIRXHYnrmF:bkZCXTqjMWvVcLXvxKlFttwYQRXHYrmF
Malware Config
Targets
-
-
Target
b6ac2db7d71c9c8b08732a1c098cea8d_JaffaCakes118
-
Size
734KB
-
MD5
b6ac2db7d71c9c8b08732a1c098cea8d
-
SHA1
569994b1d15459275f5c7f422f24eb78c64a3984
-
SHA256
8af06fd2a73bde2112266b10a46b4f6cf606d5833a120a40d341136872ccf930
-
SHA512
c97c808263756339b996c622792d5a1098c64b28dfa2020a244f86985dc3ba51e48595cdb80402c3099a1905f11b654ca27cf7f291cf092c721e78c3374c4c52
-
SSDEEP
12288:bkZMrKuT9eES2EGfKMlAvDuicrvXvKmtKDgGeIttwoPR5pWZhAIRXHYnrmF:bkZCXTqjMWvVcLXvxKlFttwYQRXHYrmF
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1