General
-
Target
b868f2b3f0ba31837059454b6e708d59_JaffaCakes118
-
Size
734KB
-
Sample
240822-vgajvaxgng
-
MD5
b868f2b3f0ba31837059454b6e708d59
-
SHA1
b89d1e1d51c2a6b9fd27cccdd4db7bebb4c044f5
-
SHA256
2bfed9c27f587ecc4206f4adb7eaaa830fe7ebf617cf0257825c49be66a34ef2
-
SHA512
92cdbe51f0bb27257e07a5e0c888c745722d2c1caab6dae30f382c899724dede49a18e02a7799e52d3caf76039a999eeb53a564d48ee09d733f27f6fc46aaf69
-
SSDEEP
12288:bkZMrKuT9eES2EGfKMlAvDuicrvXRKmtKDgGeIttwoPR5pWZhAIRXHYnrmN:bkZCXTqjMWvVcLXRxKlFttwYQRXHYrmN
Malware Config
Targets
-
-
Target
b868f2b3f0ba31837059454b6e708d59_JaffaCakes118
-
Size
734KB
-
MD5
b868f2b3f0ba31837059454b6e708d59
-
SHA1
b89d1e1d51c2a6b9fd27cccdd4db7bebb4c044f5
-
SHA256
2bfed9c27f587ecc4206f4adb7eaaa830fe7ebf617cf0257825c49be66a34ef2
-
SHA512
92cdbe51f0bb27257e07a5e0c888c745722d2c1caab6dae30f382c899724dede49a18e02a7799e52d3caf76039a999eeb53a564d48ee09d733f27f6fc46aaf69
-
SSDEEP
12288:bkZMrKuT9eES2EGfKMlAvDuicrvXRKmtKDgGeIttwoPR5pWZhAIRXHYnrmN:bkZCXTqjMWvVcLXRxKlFttwYQRXHYrmN
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1