General
-
Target
eaa029b6a1003b00bdcfc17f2f26f095_JaffaCakes118
-
Size
728KB
-
Sample
240919-fklzqasckn
-
MD5
eaa029b6a1003b00bdcfc17f2f26f095
-
SHA1
9e08f94fdee475bc0f523c827451741c8f73e63f
-
SHA256
b5b752423e985c4d6ef18944df46f8e92ad9a6ac15c12b1e9c4957c373da20d1
-
SHA512
1b99cf9f26c5f6befae025788af18104b03106e598c2562cca219bd3c3ba8f66f7daf76bfec1061d8968958d8ca3fecd06370f8e49bb143e0f9d51fc02693173
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX1/meGDgGeItoEc9GspWZhASRXHYnrmb:lEc8H5fMLN2Kb71rGlFtov9GsqRXHYrE
Static task
static1
Behavioral task
behavioral1
Sample
eaa029b6a1003b00bdcfc17f2f26f095_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eaa029b6a1003b00bdcfc17f2f26f095_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
eaa029b6a1003b00bdcfc17f2f26f095_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)