General
-
Target
fa1ad2b65786c99162e1e9400517e16f_JaffaCakes118
-
Size
204KB
-
Sample
240419-mjw7mahd4w
-
MD5
fa1ad2b65786c99162e1e9400517e16f
-
SHA1
2bf491ff12cf74493cfe4425994727f9d85ddea1
-
SHA256
6d2fb3231508fb8c22bd237b2ca5f9d360a276e4033823ba269d10c61ddb6820
-
SHA512
4fae9044a10f18ad359ccb316157b0552b18822663ce6001befd1fffeaca6ca1d1d304628c9e3e95a0293779f5553151879469b797623552a5a224ad8c2aff5c
-
SSDEEP
3072:DXIfTaaVOABDE3Ky5J+YrKKUiZj8HxrXAt75pWZmP2AiqMNKp:CTaSOyA33r+AnVjOxrQYZmP2Aiqh
Static task
static1
Behavioral task
behavioral1
Sample
fa1ad2b65786c99162e1e9400517e16f_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fa1ad2b65786c99162e1e9400517e16f_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
fa1ad2b65786c99162e1e9400517e16f_JaffaCakes118
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Adds policy Run key to start application
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
MITRE ATT&CK Matrix
ATT&CK v13
Privilege Escalation
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1