General
-
Target
734863dd407a89a5a83635c263e924b7_JaffaCakes118
-
Size
128KB
-
Sample
240726-kac2aawgml
-
MD5
734863dd407a89a5a83635c263e924b7
-
SHA1
dd69817c4f73713292a82ef9fc3204416542f722
-
SHA256
21da4f1099cc25707b3bf7420131664bf01e546288ac6edb09458d61f09a9c5c
-
SHA512
2227109618020e69d92a5b7f3a8998fbecf3d01db36282f249aa602a9a32e494005ae3645d1e7555107c8c89c4e992db5b7a8dff8542ddb2f5e96bfd26b1347d
-
SSDEEP
1536:NFssiLOhgwuFQFviwd6PXOYb7gUWgWFsEH9NeG0h/l:fssiLEgnFQBtYb7gRsE+t
Static task
static1
Behavioral task
behavioral1
Sample
734863dd407a89a5a83635c263e924b7_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
734863dd407a89a5a83635c263e924b7_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
734863dd407a89a5a83635c263e924b7_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2