General
-
Target
eaabe0f0dff7c28a08a257ba3f16b004_JaffaCakes118
-
Size
728KB
-
Sample
240919-f5972stbjm
-
MD5
eaabe0f0dff7c28a08a257ba3f16b004
-
SHA1
d5154524d883a37c94342d7bc9a3753026182568
-
SHA256
e3743230df8b4442f71d8d679e218a9b6f8569387d273a57ef02fd2dd3dd315a
-
SHA512
2b3eb256cb1918bf45d6425fb1b8af52c35aff7287577576d96fc3b5fe1e186ce3208577c01b202068ade93875ee9eb9bf4c4883d567d8a07c6cb61abca3fe86
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXc/meGDgGeItoEc9GspWZhASRXHYnrmk:lEc8H5fMLN2Kb7crGlFtov9GsqRXHYrP
Malware Config
Targets
-
-
Target
eaabe0f0dff7c28a08a257ba3f16b004_JaffaCakes118
-
Size
728KB
-
MD5
eaabe0f0dff7c28a08a257ba3f16b004
-
SHA1
d5154524d883a37c94342d7bc9a3753026182568
-
SHA256
e3743230df8b4442f71d8d679e218a9b6f8569387d273a57ef02fd2dd3dd315a
-
SHA512
2b3eb256cb1918bf45d6425fb1b8af52c35aff7287577576d96fc3b5fe1e186ce3208577c01b202068ade93875ee9eb9bf4c4883d567d8a07c6cb61abca3fe86
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXc/meGDgGeItoEc9GspWZhASRXHYnrmk:lEc8H5fMLN2Kb7crGlFtov9GsqRXHYrP
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1