General
-
Target
6a14942060a98685a1acf08dda97a62d_JaffaCakes118
-
Size
232KB
-
Sample
240724-d2n5aswbrp
-
MD5
6a14942060a98685a1acf08dda97a62d
-
SHA1
765819ac4d0529e8318926fe9cfdd95b313ad4d9
-
SHA256
6172ca0fac5eaaf4ce09d2ef879fcd3fa3fc67213e9714cea0c2b543e12aad57
-
SHA512
4cfffdf993e5e7f01142b96ad1beb799132cd11cf8bcf36b086eb54ee71def29d52f45485ea4b25a93e343760087b93f0b6ccea543f346b78289bfd71f422ca4
-
SSDEEP
6144:zr3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxku1ST:zbPhJuBXVbkxJ1G
Static task
static1
Behavioral task
behavioral1
Sample
6a14942060a98685a1acf08dda97a62d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
6a14942060a98685a1acf08dda97a62d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
6a14942060a98685a1acf08dda97a62d_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2