General
Target: bd4c4747abf91e30eee1e73a4ee62f70_JaffaCakes118
Size: 328KB
Sample: 240823-1sdcrs1dqr
MD5: bd4c4747abf91e30eee1e73a4ee62f70
SHA1: 0aedde0e5fa044437956e71ec76966325722d2a6
SHA256: 8db687010134f37830e19578ab4d1233f8c9a88ee0b879fc4d5523470205ab12
SHA512: 1bfd61bf6ced3d2961b4ac551d7741f663f42d15d19b30a2a38ffbe9cb4a0a8126fe1376ac3fb00d097cb2f72e76272f606eadd7d77a608a53dc33c5f70b43f0
SSDEEP: 6144:VeK8X/rr7nCgPmmBMQzTk0ldoHBYvC201bpHhDmATcEzoi21PYbj3:VeJ//rCgPmmBMGFn5EZREiW8
Behavioral task: behavioral1
Sample: bd4c4747abf91e30eee1e73a4ee62f70_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bd4c4747abf91e30eee1e73a4ee62f70_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (2)
Windows Service (2)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (2)
Windows Service (2)
Event Triggered Execution (1)
Netsh Helper DLL (1)