General

  • Target

    4cb349def836d1a4539574d1195334e2_JaffaCakes118

  • Size

    264KB

  • Sample

    240716-eergkstell

  • MD5

    4cb349def836d1a4539574d1195334e2

  • SHA1

    770261064c4fd0cf9c550fcbd42d196944d6ee52

  • SHA256

    7845580f04178f737b84741aecd73b17dcdfe88898aa3956b7b7b2ec3f338860

  • SHA512

    48de2011962b1fceb6f6b2cca8115bbd6f16029254c6c0866fba0c69cf66eba0da6942fc445b3ea94ac5f75aad998f5548a0208730f61e7e3a19ef47f150b753

  • SSDEEP

    3072:nM1YUuGGHGm4vhj72fcoV39N82Xph9InbDWAqWAdwwsJf8EV3JAJDSPCpH:nMGGRI180MGdddEsJDSKp

Score
10/10

Malware Config

Targets

    • Target

      4cb349def836d1a4539574d1195334e2_JaffaCakes118

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks