General

  • Target

    07e9b75c07aa0cce5d35d0d737198329_JaffaCakes118

  • Size

    215KB

  • Sample

    241001-3snvlszhla

  • MD5

    07e9b75c07aa0cce5d35d0d737198329

  • SHA1

    a3562c2a34cc834dd53c1b2e963ec587ac9b849c

  • SHA256

    52eca00f38a8b99e2750a5cac39eda89ea771ab5bd17c88172dcd9eddba2f124

  • SHA512

    cc15020003f732f58405f8ad583d574215f74bb6d764bc95dcb5011082b5db2f697d27b6e9cf5e9d53abd483e7ffbd4b85eff5d281374b3251fc29a1f717dc5a

  • SSDEEP

    6144:PMJNBqE5lmRWmRvH+Ed2315xc2PeZOqQUknu:PINBq4luWAPITdUODUknu

Targets

    • Target

      07e9b75c07aa0cce5d35d0d737198329_JaffaCakes118

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15