General
-
Target
cee8fde348cb0e6999dec4262b99ba60_JaffaCakes118
-
Size
194KB
-
Sample
240906-hgdkaasbjh
-
MD5
cee8fde348cb0e6999dec4262b99ba60
-
SHA1
48e55fd7b8dc8bc64ba7c9749c9be98b7206f0b6
-
SHA256
c43705f4241f0fc6ec54c5e4f25a40e971a74bdad447619432b77263ba0213c1
-
SHA512
de07140fa801a6a1e6ce9dbcd7f2282f3f97a92abf1744fd1a6ddc19a7b4b920e0a540146b8fcb010cfa0120b4d71fe1377d5f447922103664416c598ac16d51
-
SSDEEP
6144:jFww/t1GFxY++UsJ6jCm5lNdu3E7bCcN5JAY:aw/oK+VRDN4UHxl
Static task
static1
Behavioral task
behavioral1
Sample
cee8fde348cb0e6999dec4262b99ba60_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cee8fde348cb0e6999dec4262b99ba60_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
cee8fde348cb0e6999dec4262b99ba60_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Defense Evasion
Impair Defenses: 1
Disable or Modify System Firewall: 1
Modify Registry: 1