General
-
Target
71e16e93cbef732d99829df2c229479c_JaffaCakes118
-
Size
100KB
-
Sample
240726-ascs5axfma
-
MD5
71e16e93cbef732d99829df2c229479c
-
SHA1
525c90c8ffff4912568c45368ad7bde3d0d3b242
-
SHA256
956dd657f1adc31c06621e80f7f8684337b270adea4a19d28334084d7a266db7
-
SHA512
4317237a7f8e1a1d79a1ee12eda0ab122f72406dcf385be0b38f6773fff5894cd8b5fe57310076c01cdb3f2ec4b95f34508852391a37d0047a35811280307a7f
-
SSDEEP
1536:JetGv82NTzwSMGAc4ohrPXo+73Rez8b0SyuNIjnZq:bw1urPX7CuCnY
Static task
static1
Behavioral task
behavioral1
Sample
71e16e93cbef732d99829df2c229479c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
71e16e93cbef732d99829df2c229479c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2