General
-
Target
e02991be5637893f5a04250112892836_JaffaCakes118
-
Size
728KB
-
Sample
240914-pey7jashlm
-
MD5
e02991be5637893f5a04250112892836
-
SHA1
cddb53bac7db79a32801b62b9eee9637fd5a4d49
-
SHA256
8eaf537d819dfcf8931d2831a3b4621a8f4989673d4bb1048df7aebd8ec339f5
-
SHA512
71ae9894ca6dbc99ff6f59692a4996583703f449548b3220fa9114fb6a2d4577f7dc2b81443e0da3258faea4bb64a753ab8719667d5572c282207298ec5cde40
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXn/meGDgGeItoEc9GspWZhASRXHYnrmc:lEc8H5fMLN2Kb7nrGlFtov9GsqRXHYrL
Static task
static1
Behavioral task
behavioral1
Sample
e02991be5637893f5a04250112892836_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e02991be5637893f5a04250112892836_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
e02991be5637893f5a04250112892836_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1