General
-
Target
d0fdbef928982e62587c26ac2b7707f9_JaffaCakes118
-
Size
728KB
-
Sample
240907-d5a2vasgnl
-
MD5
d0fdbef928982e62587c26ac2b7707f9
-
SHA1
94e88b142ac8fad8e8772a5cad4fae762f81c169
-
SHA256
e5804ac65900c42b4c4cfc658170c8dc38c81b5952077d3f818a20c229fee40c
-
SHA512
2f07da6277e07d52148071ac09f605b5eebf2ff2376332f526d12a0bfb9450fe1caa2c07066dffe1db57a178f3f69e8b3f16f712b281dacd1a67fc4088bc9e1a
-
SSDEEP
12288:z2/I3CMZC4u8YBbY5zgHWHmt8qM3mmcKDgGeItoEc9GspWZhASRXHYnrm1:z2QSmCrmgHCmKqM3kKlFtov9GsqRXHYm
Malware Config
Targets
-
-
Target
d0fdbef928982e62587c26ac2b7707f9_JaffaCakes118
-
Size
728KB
-
MD5
d0fdbef928982e62587c26ac2b7707f9
-
SHA1
94e88b142ac8fad8e8772a5cad4fae762f81c169
-
SHA256
e5804ac65900c42b4c4cfc658170c8dc38c81b5952077d3f818a20c229fee40c
-
SHA512
2f07da6277e07d52148071ac09f605b5eebf2ff2376332f526d12a0bfb9450fe1caa2c07066dffe1db57a178f3f69e8b3f16f712b281dacd1a67fc4088bc9e1a
-
SSDEEP
12288:z2/I3CMZC4u8YBbY5zgHWHmt8qM3mmcKDgGeItoEc9GspWZhASRXHYnrm1:z2QSmCrmgHCmKqM3kKlFtov9GsqRXHYm
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1