General
-
Target
b995e5141950319d1eb939dc7c01c776_JaffaCakes118
-
Size
728KB
-
Sample
240823-abxrzavcpa
-
MD5
b995e5141950319d1eb939dc7c01c776
-
SHA1
7ce7d67742468628b9ec2cf9cb4b401f276c14d2
-
SHA256
49ac38e2963da04db6dd9f0c4300c31a2efa2a85e4011378d5e8dc83e66e9c2a
-
SHA512
ea46c8e57b4577d3f41d693f612d363f4521c67235b4faad3d222a845a64ee927ddafb3c6321cb4925ad7a0db5511c2dde33326ca8b355770053311ac97fa2f1
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXe/meGDgGeItoEc9GspWZhASRXHYnrmC:lEc8H5fMLN2Kb7erGlFtov9GsqRXHYrx
Static task
static1
Behavioral task
behavioral1
Sample
b995e5141950319d1eb939dc7c01c776_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b995e5141950319d1eb939dc7c01c776_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
b995e5141950319d1eb939dc7c01c776_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)