General
-
Target
e23c2d806a9932eec4cfdf797407fd61_JaffaCakes118
-
Size
733KB
-
Sample
240915-l7lv5aybjf
-
MD5
e23c2d806a9932eec4cfdf797407fd61
-
SHA1
67ad9448959b00b6e14f82b366041bbedf9297d2
-
SHA256
173a3a7013e3d18e60a6c00b3e040251ad1779ac701c6c82b2393b1176cef5cf
-
SHA512
b2c8bb9bcd1d1048a3681936d4b4f0e4ef942494f8da67f80c4d888804009cb7711aa64d9d29ae23ad92eeac08f3403c8836206ed2c80461e442617a2951e73a
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5ZAdmxQDgGeItGBV07XpWZhASRXHYnrmY:1VpUFRUgoOwOY5ZAqQlFtWVAqRXHYrmY
Static task
static1
Behavioral task
behavioral1
Sample
e23c2d806a9932eec4cfdf797407fd61_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e23c2d806a9932eec4cfdf797407fd61_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1