General
-
Target
6f9e4be8b615780ecc3b70d23cb075de_JaffaCakes118
-
Size
296KB
-
Sample
240725-pw69gascld
-
MD5
6f9e4be8b615780ecc3b70d23cb075de
-
SHA1
50715e1989767bb27e259995fb0f1b912e75abdd
-
SHA256
1e94a546faa1b2f5422300e424e40a3526086ef04e356208a0b604ac48a13949
-
SHA512
d90482579ce60c2fc4e0bf5c413a2f7a0ae249c0e342487b5e5c749060efeca076a60c08f4441555e91ba323f4df5bfe8c915a07e70500108f6f0b0a1bc9a4bd
-
SSDEEP
6144:sEtaKkrONaJ2BHzDtU7b5dU14Uf797SNIbVRGAw2+8e9KZPY88NM:scQrO2CzqX5dS7cuDGH2+8xm88O
Static task
static1
Behavioral task
behavioral1
Sample
6f9e4be8b615780ecc3b70d23cb075de_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6f9e4be8b615780ecc3b70d23cb075de_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2