General
Target: 7342bc6eb706655618c8f1ef0b476fe6_JaffaCakes118
Size: 248KB
Sample: 240726-j6bbwszdrd
MD5: 7342bc6eb706655618c8f1ef0b476fe6
SHA1: d09870339795a9b98c562bfdf26a8aff705d6f8e
SHA256: 8caec1fe315183f2be4db0d15f021eb2795dc5ecfe2e814f38d231c56fb39324
SHA512: cc9a82929d4c6644ee193baa0a313d234baa9e683dd9367dc7df5b31a13f65d3b3a09845a769b98e5a4a92c529831136345c1ea6e24112ee5aaf2b121346752e
SSDEEP: 6144:/1OCwemp1EZ1MdMrNkrPtlhYRv++FMC+IIfHtpH1uVEVfr6rCiwG:/gCN/Z10MrNkb1HtpH1uVk6Ciw
Static task: static1
Behavioral task: behavioral1
Sample: 7342bc6eb706655618c8f1ef0b476fe6_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 7342bc6eb706655618c8f1ef0b476fe6_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 7342bc6eb706655618c8f1ef0b476fe6_JaffaCakes118
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)