General
-
Target
JaffaCakes118_438e56aa4c50a3a858dd4bd0b96df7c3
-
Size
733KB
-
Sample
250127-zmczdavmfy
-
MD5
438e56aa4c50a3a858dd4bd0b96df7c3
-
SHA1
71b207e3a0f47039c10631abbf0e5b32a8ad1943
-
SHA256
f9c1a5823a80b7deb733a5b7f885a00e1ecda3416c41ca73a7d0c391aa1e38bc
-
SHA512
122b4014beb9e009a92a9f0cbe5ca6da4db9c55d31966f97c3147e2978cfaa94320fe897dbc971b740bc1622c0580d1f8c2b86b04b24fc17aaaf66b88893c915
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5TAdmxQDgGeItGBV07XpWZhASRXHYnrmM:1VpUFRUgoOwOY5TAqQlFtWVAqRXHYrmM
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_438e56aa4c50a3a858dd4bd0b96df7c3.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_438e56aa4c50a3a858dd4bd0b96df7c3.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_438e56aa4c50a3a858dd4bd0b96df7c3
-
Size
733KB
-
MD5
438e56aa4c50a3a858dd4bd0b96df7c3
-
SHA1
71b207e3a0f47039c10631abbf0e5b32a8ad1943
-
SHA256
f9c1a5823a80b7deb733a5b7f885a00e1ecda3416c41ca73a7d0c391aa1e38bc
-
SHA512
122b4014beb9e009a92a9f0cbe5ca6da4db9c55d31966f97c3147e2978cfaa94320fe897dbc971b740bc1622c0580d1f8c2b86b04b24fc17aaaf66b88893c915
-
SSDEEP
12288:13Fpj4rBRLukn+zKg2oOR2OQl5TAdmxQDgGeItGBV07XpWZhASRXHYnrmM:1VpUFRUgoOwOY5TAqQlFtWVAqRXHYrmM
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1