General
-
Target
d3fbb484ccc00500f4e6d1d87a28e229_JaffaCakes118
-
Size
733KB
-
Sample
240908-kvck9awhpj
-
MD5
d3fbb484ccc00500f4e6d1d87a28e229
-
SHA1
599bd70ac14d91f64e596383f017d6b0eeff450b
-
SHA256
32070b1476a569360c57143272c35a590adbd797c7f786ead0b530f24b5e0e15
-
SHA512
36bcf80617de344e0879487bc3303b28cf24cb72ba5e1c7c412f0bbb83d199d296bf5a37f692efad56558a5505f33d9d6b65916b99e3f8367700f626db76efb9
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5cAdmxQDgGeItGBV07XpWZhASRXHYnrmc:1VpUFRUgoOwOY5cAqQlFtWVAqRXHYrmc
Static task
static1
Behavioral task
behavioral1
Sample
d3fbb484ccc00500f4e6d1d87a28e229_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d3fbb484ccc00500f4e6d1d87a28e229_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d3fbb484ccc00500f4e6d1d87a28e229_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1