General
-
Target
cf53d25c1a91d99726df717d57f24750_JaffaCakes118
-
Size
90KB
-
Sample
240906-mey6es1brk
-
MD5
cf53d25c1a91d99726df717d57f24750
-
SHA1
0f4d4b5e7e63887b3bd31408ded17463e5432bde
-
SHA256
0a11af9877335d87013cd8ce275ae47437bd07b7809e826dd7fcf4d234f2e185
-
SHA512
da224163612aca3d8adec6ad7f2f82261692be9015bc178c3d4888176d3eae9f3a3850d28c0917314093c67e5045142d8872501bca548a01ae957956651ec59b
-
SSDEEP
1536:93pcLd0gpByLfa2W13Xpx9wRhE1q9JrvXnXVztWQFp0DLP8vQiMQZw8p:fWufRm3XpsRG1MJTXVzDr8LP8YFQZw
Malware Config
Targets
-
-
Target
cf53d25c1a91d99726df717d57f24750_JaffaCakes118
-
Size
90KB
-
MD5
cf53d25c1a91d99726df717d57f24750
-
SHA1
0f4d4b5e7e63887b3bd31408ded17463e5432bde
-
SHA256
0a11af9877335d87013cd8ce275ae47437bd07b7809e826dd7fcf4d234f2e185
-
SHA512
da224163612aca3d8adec6ad7f2f82261692be9015bc178c3d4888176d3eae9f3a3850d28c0917314093c67e5045142d8872501bca548a01ae957956651ec59b
-
SSDEEP
1536:93pcLd0gpByLfa2W13Xpx9wRhE1q9JrvXnXVztWQFp0DLP8vQiMQZw8p:fWufRm3XpsRG1MJTXVzDr8LP8YFQZw
Score10/10-
Modifies firewall policy service
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Browser Extensions
1Create or Modify System Process
1Windows Service
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
3