General
-
Target
ffeed1714b681c5c6e97dc4779c16080_JaffaCakes118
-
Size
728KB
-
Sample
240930-eqz8vsxdkn
-
MD5
ffeed1714b681c5c6e97dc4779c16080
-
SHA1
18e2a991d7242f05f0a4facae86bcf8bdabd7beb
-
SHA256
a94c4f1f273203e92f257c5454bc23fdf778589ea1029f093ba63e4cfddd2f4e
-
SHA512
81f5f59eea5a0d8af0087df476bd301900848e61012700597a9b664134d936b4e85dfdd8db44ab4209f2b286ed37157936452fa7cfd7ae904c74733d296f257b
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX6/meGDgGeItoEc9GspWZhASRXHYnrmN:lEc8H5fMLN2Kb76rGlFtov9GsqRXHYre
Malware Config
Targets
-
-
Target
ffeed1714b681c5c6e97dc4779c16080_JaffaCakes118
-
Size
728KB
-
MD5
ffeed1714b681c5c6e97dc4779c16080
-
SHA1
18e2a991d7242f05f0a4facae86bcf8bdabd7beb
-
SHA256
a94c4f1f273203e92f257c5454bc23fdf778589ea1029f093ba63e4cfddd2f4e
-
SHA512
81f5f59eea5a0d8af0087df476bd301900848e61012700597a9b664134d936b4e85dfdd8db44ab4209f2b286ed37157936452fa7cfd7ae904c74733d296f257b
-
SSDEEP
12288:lEcF8D2K53tGcAOYYsLN2Z8bbX6/meGDgGeItoEc9GspWZhASRXHYnrmN:lEc8H5fMLN2Kb76rGlFtov9GsqRXHYre
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1