General
-
Target
707ac8683e3a2dedc5aff1bbf2d63340_JaffaCakes118
-
Size
252KB
-
Sample
240725-vmcldsshlq
-
MD5
707ac8683e3a2dedc5aff1bbf2d63340
-
SHA1
11e9e9cbb9fa407c5a0d465449b17c5a6754b448
-
SHA256
eb68e9ab35cda24ca54180d0ac9b4b137fcd94bab5be09483ef424b87eb9fa69
-
SHA512
0d5dea187813ee5ba02e1843cf090f4409f5d2fabc1b26279dce48bd3eaf910465bb42897d575432bcab49d37ee58323b4bc4fa89e173b68d52fccdcbcb0d30d
-
SSDEEP
6144:wTsHFiVGBngFg4S628gA/igGuncMkcH/AeKnvmb7/D26ppSgCbvfXG:csligBnga4S628dFncMkcHIeKnvmb7/V
Static task
static1
Behavioral task
behavioral1
Sample
707ac8683e3a2dedc5aff1bbf2d63340_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
707ac8683e3a2dedc5aff1bbf2d63340_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)