General
-
Target
ce3d46095dbc4f36108b6dc50823bf33_JaffaCakes118
-
Size
728KB
-
Sample
240906-aqk2qawgqg
-
MD5
ce3d46095dbc4f36108b6dc50823bf33
-
SHA1
408851af0a22338ccdec5aa38caa48312a213534
-
SHA256
83c374952df6e641bbd31fbc03ac57fcee93d1e0864607378b23102558517b74
-
SHA512
a52deca9b693f763ac14e5290b5898d26a96af23ac2c7070c672730f99166e7ca212496cb58e91f868d12d826893393ac2e3c1a3d8325ead343a5ee69880d22e
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXD/meGDgGeItoEc9GspWZhASRXHYnrms:lEc8H5fMLN2Kb7DrGlFtov9GsqRXHYrb
Malware Config
Targets
-
-
Target
ce3d46095dbc4f36108b6dc50823bf33_JaffaCakes118
-
Size
728KB
-
MD5
ce3d46095dbc4f36108b6dc50823bf33
-
SHA1
408851af0a22338ccdec5aa38caa48312a213534
-
SHA256
83c374952df6e641bbd31fbc03ac57fcee93d1e0864607378b23102558517b74
-
SHA512
a52deca9b693f763ac14e5290b5898d26a96af23ac2c7070c672730f99166e7ca212496cb58e91f868d12d826893393ac2e3c1a3d8325ead343a5ee69880d22e
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXD/meGDgGeItoEc9GspWZhASRXHYnrms:lEc8H5fMLN2Kb7DrGlFtov9GsqRXHYrb
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1