General
-
Target
00542b9d21af209948ad923d035e53fe_JaffaCakes118
-
Size
2.3MB
-
Sample
240622-abbjqsxakb
-
MD5
00542b9d21af209948ad923d035e53fe
-
SHA1
eeb88fcc92a58309dd26019052a7ae5bcfc02110
-
SHA256
d7841d55e43d7bc435dadaae9997d975ed0001ab18fa4f7e4f2fce6a36105093
-
SHA512
8a01d01f7bd7df1a7371cda7158c1e69dcc98d078af626eb47ac4f1cc7e78aa67008210ad850f4a1bfbcd4e1f2b39e3c669eb4425e8acb85ef97585d6169b69e
-
SSDEEP
49152:tglKw04wX6NOzrqYFxZoZ3H0sm9NnlKGDMeXOIpaQqGcKX:tOK7lzOYF4JH03JKvuOqn
Behavioral task
behavioral1
Sample
00542b9d21af209948ad923d035e53fe_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
00542b9d21af209948ad923d035e53fe_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
00542b9d21af209948ad923d035e53fe_JaffaCakes118
-
Size
2.3MB
-
MD5
00542b9d21af209948ad923d035e53fe
-
SHA1
eeb88fcc92a58309dd26019052a7ae5bcfc02110
-
SHA256
d7841d55e43d7bc435dadaae9997d975ed0001ab18fa4f7e4f2fce6a36105093
-
SHA512
8a01d01f7bd7df1a7371cda7158c1e69dcc98d078af626eb47ac4f1cc7e78aa67008210ad850f4a1bfbcd4e1f2b39e3c669eb4425e8acb85ef97585d6169b69e
-
SSDEEP
49152:tglKw04wX6NOzrqYFxZoZ3H0sm9NnlKGDMeXOIpaQqGcKX:tOK7lzOYF4JH03JKvuOqn
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
2Windows Service
2Event Triggered Execution
1Netsh Helper DLL
1