General
-
Target
dcbeaff7c70b1fbd0ed3f2c43ae00fcd_JaffaCakes118
-
Size
734KB
-
Sample
240912-wev87swena
-
MD5
dcbeaff7c70b1fbd0ed3f2c43ae00fcd
-
SHA1
402788ff236a0aa71e06185c66764b119ab0d33e
-
SHA256
21ee36fb172eb2e272b56244eada54b1b0baaf96a216f695c3ccd3fa31c3eb32
-
SHA512
ad053cf09e7a31fce03b7d78f7507c06d32c1a57f5b1b0ef3b2a50744df06dad0df974d343953af34f35aebdee0315ef0ecd89f7634e63b54529b6773093e1a4
-
SSDEEP
12288:bkZMrKuT9eES2EGfKMlAvDuicrvXxKmtKDgGeIttwoPR5pWZhAIRXHYnrmt:bkZCXTqjMWvVcLXxxKlFttwYQRXHYrmt
Static task
static1
Behavioral task
behavioral1
Sample
dcbeaff7c70b1fbd0ed3f2c43ae00fcd_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dcbeaff7c70b1fbd0ed3f2c43ae00fcd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
dcbeaff7c70b1fbd0ed3f2c43ae00fcd_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)