General
-
Target
75215ffeb0d5e73849aaa7cbeb32f22f_JaffaCakes118
-
Size
100KB
-
Sample
240726-wmvbwaycmf
-
MD5
75215ffeb0d5e73849aaa7cbeb32f22f
-
SHA1
85358187d5631ce6f544179afc793e91ad8f45d4
-
SHA256
e1df351c418a0d6219ccde90bfffd8e20f12ad806e34f0f522af7de79132188f
-
SHA512
14b07faffdc9ea5715566c6ded9eaaeee9656126d3ee1fbd6af192f1acd0d66e9f1a40fd4c486827cbd988f33dff8d5c46ba3290d9000a29218b2a6931501049
-
SSDEEP
1536:HDWlcX220mQF3lxJKIRGWcOUP7vXArnY1ZqAefzyesVNIj/:jVQlgNAfzyeOC/
Malware Config
Targets
-
-
Target
75215ffeb0d5e73849aaa7cbeb32f22f_JaffaCakes118
-
Size
100KB
-
MD5
75215ffeb0d5e73849aaa7cbeb32f22f
-
SHA1
85358187d5631ce6f544179afc793e91ad8f45d4
-
SHA256
e1df351c418a0d6219ccde90bfffd8e20f12ad806e34f0f522af7de79132188f
-
SHA512
14b07faffdc9ea5715566c6ded9eaaeee9656126d3ee1fbd6af192f1acd0d66e9f1a40fd4c486827cbd988f33dff8d5c46ba3290d9000a29218b2a6931501049
-
SSDEEP
1536:HDWlcX220mQF3lxJKIRGWcOUP7vXArnY1ZqAefzyesVNIj/:jVQlgNAfzyeOC/
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2