General
-
Target
700e033e033265a4a8ecfda62ce834ea_JaffaCakes118
-
Size
260KB
-
Sample
240725-r97hhaxgmb
-
MD5
700e033e033265a4a8ecfda62ce834ea
-
SHA1
38fca6d153bfeece3a60396ee04ef08d6fbf8619
-
SHA256
d9940976d957d7bd55eed78f5bcf625a0f6c200966d4457a1962ca626f2a2ee9
-
SHA512
cf2410505570ee3b7494725e4c9468a3a3ba4cc5313343b8478fb15d3552803169f4756c90b13d226229e56502eaeee08b65cedbf1e07e72580dd2ffc025977f
-
SSDEEP
3072:HgfAlNmKvh25n/kZoSUjMqXnpWAkpAmTSrMaIOYt/jo7LAtPhjjtZnfHFEoWBfG2:HdogTSrMaIl/jcLijfHFEHWzKvjT85R
Malware Config
Targets
-
-
Target
700e033e033265a4a8ecfda62ce834ea_JaffaCakes118
-
Size
260KB
-
MD5
700e033e033265a4a8ecfda62ce834ea
-
SHA1
38fca6d153bfeece3a60396ee04ef08d6fbf8619
-
SHA256
d9940976d957d7bd55eed78f5bcf625a0f6c200966d4457a1962ca626f2a2ee9
-
SHA512
cf2410505570ee3b7494725e4c9468a3a3ba4cc5313343b8478fb15d3552803169f4756c90b13d226229e56502eaeee08b65cedbf1e07e72580dd2ffc025977f
-
SSDEEP
3072:HgfAlNmKvh25n/kZoSUjMqXnpWAkpAmTSrMaIOYt/jo7LAtPhjjtZnfHFEoWBfG2:HdogTSrMaIl/jcLijfHFEHWzKvjT85R
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2