General
-
Target
f5ee03ecddc53f08faa97c9c2785f926_JaffaCakes118
-
Size
728KB
-
Sample
240925-nr99wstakr
-
MD5
f5ee03ecddc53f08faa97c9c2785f926
-
SHA1
718d84b29acc61ae9a660bad2589039b62336e3e
-
SHA256
268435b4cd58f56c99c9215efe099acecdc92582bd3e836ae2c420e4a5f1da79
-
SHA512
928b7bae989803a84d477927980dcdbf637ccc5af3b6bfde5fb476d65d737273f137b8f27702384a23520a6d7d716d7f3bca370f6a7c9b25278db49af4c942d8
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXm/meGDgGeItoEc9GspWZhASRXHYnrmH:lEc8H5fMLN2Kb7mrGlFtov9GsqRXHYrk
Malware Config
Targets
-
-
Target
f5ee03ecddc53f08faa97c9c2785f926_JaffaCakes118
-
Size
728KB
-
MD5
f5ee03ecddc53f08faa97c9c2785f926
-
SHA1
718d84b29acc61ae9a660bad2589039b62336e3e
-
SHA256
268435b4cd58f56c99c9215efe099acecdc92582bd3e836ae2c420e4a5f1da79
-
SHA512
928b7bae989803a84d477927980dcdbf637ccc5af3b6bfde5fb476d65d737273f137b8f27702384a23520a6d7d716d7f3bca370f6a7c9b25278db49af4c942d8
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbXm/meGDgGeItoEc9GspWZhASRXHYnrmH:lEc8H5fMLN2Kb7mrGlFtov9GsqRXHYrk
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1