General
-
Target
766bfe7fbcb57bbdb2667888954ef3a5_JaffaCakes118
-
Size
124KB
-
Sample
240727-a4twsavhrr
-
MD5
766bfe7fbcb57bbdb2667888954ef3a5
-
SHA1
4e165ab9fc1f70b57ae235221b9d7c1f775a906a
-
SHA256
f6f944b37246617aaa6d9e54f1b9ab366e6f67b011f520e5063093fe420a16d8
-
SHA512
b65fdd225200c288cf8661b6369206e4c2e4405be41c488128577052decb473e5f0746f100fef51e2ceafd39760020d390b361215c8eb9f2d6921c3066244070
-
SSDEEP
1536:wMtkjaTQ47U0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VeRPNeG0h/y:fkjJeU0GgAT9QIq
Malware Config
Targets
-
-
Target
766bfe7fbcb57bbdb2667888954ef3a5_JaffaCakes118
-
Size
124KB
-
MD5
766bfe7fbcb57bbdb2667888954ef3a5
-
SHA1
4e165ab9fc1f70b57ae235221b9d7c1f775a906a
-
SHA256
f6f944b37246617aaa6d9e54f1b9ab366e6f67b011f520e5063093fe420a16d8
-
SHA512
b65fdd225200c288cf8661b6369206e4c2e4405be41c488128577052decb473e5f0746f100fef51e2ceafd39760020d390b361215c8eb9f2d6921c3066244070
-
SSDEEP
1536:wMtkjaTQ47U0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VeRPNeG0h/y:fkjJeU0GgAT9QIq
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2