General
Target: eac25200b57f0d4fdfe4dcc793d3cdbf_JaffaCakes118
Size: 733KB
Sample: 240919-g74nqavglm
MD5: eac25200b57f0d4fdfe4dcc793d3cdbf
SHA1: caf9dbaf84f24d116378bc0b1aaf9e036ee5339a
SHA256: 71349def9b74b2a848fc2f08884d85d89d4c74084f83424dff2f4d4eb24cf866
SHA512: 2de2a7ffd00d74a6cf2ece76292b674bffbc194976ebf81a40b67914f290c64811b7e42710c5d9ccb1bdca4a9ad8bd7f70215290297600e7a4494c377a67ede9
SSDEEP: 12288:13Fpj4rBRLukn+zKg2oOR2OQl5DAdmxQDgGeItGBV07XpWZhASRXHYnrmQ:1VpUFRUgoOwOY5DAqQlFtWVAqRXHYrmQ
Static task: static1
Behavioral task: behavioral1
  Sample: eac25200b57f0d4fdfe4dcc793d3cdbf_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: eac25200b57f0d4fdfe4dcc793d3cdbf_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: eac25200b57f0d4fdfe4dcc793d3cdbf_JaffaCakes118
Modifies Windows Firewall

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15
Persistence
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)