General
-
Target
ea994cef4deae4087d08242ec7cb4c71_JaffaCakes118
-
Size
728KB
-
Sample
240919-e9clxa1gnq
-
MD5
ea994cef4deae4087d08242ec7cb4c71
-
SHA1
4e37a1ca46ecf2e669c755dc8fb9f636d479c146
-
SHA256
2958fef760a1f41131e48d48315ec9ab737572768afe4271770d8b9ae88d3869
-
SHA512
ed7e24cbc74d376e07b6309a449c4388f1dd94b9e3ce484e21f8627edfa9ed9344a26463da160dac56759473a132ed29cd1198d7e2e2646f6db3f3cb68c07545
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXJ/meGDgGeItoEc9GspWZhASRXHYnrmK:lEc8H5fMLN2Kb7JrGlFtov9GsqRXHYr1
Malware Config
Targets
-
-
Target
ea994cef4deae4087d08242ec7cb4c71_JaffaCakes118
-
Size
728KB
-
MD5
ea994cef4deae4087d08242ec7cb4c71
-
SHA1
4e37a1ca46ecf2e669c755dc8fb9f636d479c146
-
SHA256
2958fef760a1f41131e48d48315ec9ab737572768afe4271770d8b9ae88d3869
-
SHA512
ed7e24cbc74d376e07b6309a449c4388f1dd94b9e3ce484e21f8627edfa9ed9344a26463da160dac56759473a132ed29cd1198d7e2e2646f6db3f3cb68c07545
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXJ/meGDgGeItoEc9GspWZhASRXHYnrmK:lEc8H5fMLN2Kb7JrGlFtov9GsqRXHYr1
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1