General
-
Target
726159d2ac584b91448891af7227829e_JaffaCakes118
-
Size
148KB
-
Sample
240726-dp184ashnj
-
MD5
726159d2ac584b91448891af7227829e
-
SHA1
3fe227b09f30a58fceb87c66c1fca51860b5eeb2
-
SHA256
b2be38b71fb77415bbbb85d24279a5be7cc8720bacd0d1ef02882a7d10856e5e
-
SHA512
e1545325ee61e3ff314b0b2ca78c5e72d4c2bcb76450ca39ee27404e7f6997f6abf2ff45fc840026953daa3a17a4c21bf474ce1aed335342100f58fd6a7f2cd8
-
SSDEEP
3072:gdo+2gRs59j/pvkqBBac+RAGq1bg7Yfgst6OzOS79pgRZkhQJAOAZ4oQZiEw4cnw:OoHbj/pvkqBBac+RAGq1bZHtrzOS77kn
Static task
static1
Behavioral task
behavioral1
Sample
726159d2ac584b91448891af7227829e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
726159d2ac584b91448891af7227829e_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Target
726159d2ac584b91448891af7227829e_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2