General
-
Target
8a42e836131fa2ba1fd7b3d6f66f053d_JaffaCakes118
-
Size
4.1MB
-
Sample
240601-m2fycsae5w
-
MD5
8a42e836131fa2ba1fd7b3d6f66f053d
-
SHA1
eefc7e72763cf3202f17f47faae59373210814c0
-
SHA256
0f26bd9872ac6d503ac68a65b344a34011782938689bd72d82b2ce3def0a21be
-
SHA512
370d14135f7b25fb52329bad1bd6714f3295aa0ce92f2fe998b9a7133b57b3da44088d8769a01d00cc60a6381a029b3c38b54b0a033f01040e613be5c1b66306
-
SSDEEP
98304:3p6dtD707IBWLC59hNFno7VnZQ6P7qBSgTWJQ1anJG:It70eWuno5OEg6i6JG
Static task
static1
Behavioral task
behavioral1
Sample
8a42e836131fa2ba1fd7b3d6f66f053d_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
Target
8a42e836131fa2ba1fd7b3d6f66f053d_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Browser Extensions (1)
Pre-OS Boot (1)
Bootkit (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)