General
-
Target
761a2fcb9f87b2379232ad74d1645888_JaffaCakes118
-
Size
240KB
-
Sample
240726-2z96ratdkh
-
MD5
761a2fcb9f87b2379232ad74d1645888
-
SHA1
c71bdef4115556d722e9ab127f9fcfc6b880fae0
-
SHA256
a925f17bd2c931faed427344395c8a502f1caa7208dcf42aac05e39a406f9e23
-
SHA512
c4a148f2cb8ea6fa89d36706b83f27e6297cc5a3e5e95f1e93ab0d1aedae9fafc367cd7c29ec7d53c51ce7821b76ac46baab2d2ea6a146bea331b039a878f80d
-
SSDEEP
6144:wUX3dwqsNwemAB0EqxF6snji81RUinKchhymSQ:DdQQJsx
Malware Config
Targets
-
-
Target
761a2fcb9f87b2379232ad74d1645888_JaffaCakes118
-
Size
240KB
-
MD5
761a2fcb9f87b2379232ad74d1645888
-
SHA1
c71bdef4115556d722e9ab127f9fcfc6b880fae0
-
SHA256
a925f17bd2c931faed427344395c8a502f1caa7208dcf42aac05e39a406f9e23
-
SHA512
c4a148f2cb8ea6fa89d36706b83f27e6297cc5a3e5e95f1e93ab0d1aedae9fafc367cd7c29ec7d53c51ce7821b76ac46baab2d2ea6a146bea331b039a878f80d
-
SSDEEP
6144:wUX3dwqsNwemAB0EqxF6snji81RUinKchhymSQ:DdQQJsx
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2