General
-
Target
757063e12d0a36dfde5c3ed28c321146_JaffaCakes118
-
Size
260KB
-
Sample
240726-ydcrkszgqk
-
MD5
757063e12d0a36dfde5c3ed28c321146
-
SHA1
3c97be786d5d4f8f50de9aabd287f6a968d5e797
-
SHA256
6f6bf356ebfc18934b1d0c9f71a6a359386a54828f6146ea792490d6251c9f52
-
SHA512
299851d43a219564704cb9244ab6d582b6f679e1c1d1cb9c23a9d9cf43fa35415801b0a0735390ee4dcbb3d04ad9b770536b8bae57f1081cb81c7e91bb33545a
-
SSDEEP
6144:t4HtUUp7WQn6mr1R4bKLnXejKloO6JU1J7QnpmZ7Ta9kzU2/pn:tkJp6Qn6mr1R4bKLnXaKaO6O1JApSH
Static task
static1
Behavioral task
behavioral1
Sample
757063e12d0a36dfde5c3ed28c321146_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
757063e12d0a36dfde5c3ed28c321146_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
757063e12d0a36dfde5c3ed28c321146_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2