General
-
Target
eaa6579f32f19bba3ef010b97ab90f72_JaffaCakes118
-
Size
728KB
-
Sample
240919-fw1x1ssfrm
-
MD5
eaa6579f32f19bba3ef010b97ab90f72
-
SHA1
36c5048aae0ba1282fe303c6e0beb14a10ae1137
-
SHA256
f30e6938b321ad50489acda0e43a6d8ecb859c8cc623b72c5a0a9212b357b6c2
-
SHA512
3cea250e6b3d345e9ff839227d805daf7d103d0658e9c65fb89796a830df0ebc8d45f84186d50157f532e5d7422975d4a65a667d6c5902060e9ce3181e4d3dd6
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXp/meGDgGeItoEc9GspWZhASRXHYnrmZ:lEc8H5fMLN2Kb7prGlFtov9GsqRXHYre
Static task
static1
Behavioral task
behavioral1
Sample
eaa6579f32f19bba3ef010b97ab90f72_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eaa6579f32f19bba3ef010b97ab90f72_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
eaa6579f32f19bba3ef010b97ab90f72_JaffaCakes118
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1