General
-
Target
d256dcc7e167bd3fe8448b0235e30156_JaffaCakes118
-
Size
731KB
-
Sample
240907-trq4xasdqm
-
MD5
d256dcc7e167bd3fe8448b0235e30156
-
SHA1
c5a34e657b68e36b35190f9d24a033a66ec33a32
-
SHA256
0ccbbcf9f66fb03016ebdc0e444d60dd759ad5ac360b82a95fd323f8b41676ac
-
SHA512
ee707d2c745474570a5a8e90a130f05623eebd99f36e176c9c9ba7e160dff8b15fd1fa089ff4bb2d23247324768dc7c5d2b0efea8d97de1172bfa91ad6fb99ff
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmhFmjnDgGeIttwoPR5pWZhAIRXHYnrmt:JaigD/ArravUdshwnlFttwYQRXHYrmt
Static task
static1
Behavioral task
behavioral1
Sample
d256dcc7e167bd3fe8448b0235e30156_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
d256dcc7e167bd3fe8448b0235e30156_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d256dcc7e167bd3fe8448b0235e30156_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1