General
- Target: 20a336d0e560c5dfd55e2f90dda5afe8_JaffaCakes118
- Size: 536KB
- Sample: 240703-b1yw1avdqp
- MD5: 20a336d0e560c5dfd55e2f90dda5afe8
- SHA1: 4a899d324f43908862c7d4277d409b624452d645
- SHA256: eec3f523a932a73b97b200533024d6aa744af4d9e4219bf5759a9b6436764eeb
- SHA512: 1f2e07db2f2bd02481a8d5a7b8075f7ac6b510655ba0654db16e6c9678863c18fd7153968817d7743c93e02e016491acbeb80fe883fc19eb2d99e1b747771987
- SSDEEP: 12288:Re9mkj7sOGlngNAA/C22lsWAhNLCUMOn405Fsxc1CMV6R:g7EOGln4tWOHhNLRMt0PoOy
Static task: static1
Behavioral task: behavioral1
- Sample: 20a336d0e560c5dfd55e2f90dda5afe8_JaffaCakes118.exe
- Resource: win7-20240611-en

Malware Config

Targets
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Molebox Virtualization software
  Detects a file packed with Molebox Virtualization software.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism: Bypass User Account Control (1)
- Boot or Logon Autostart Execution: Active Setup (1)