General
-
Target
766db6c386eb4d4aba96413043f9871a_JaffaCakes118
-
Size
204KB
-
Sample
240727-a54glswapn
-
MD5
766db6c386eb4d4aba96413043f9871a
-
SHA1
fd3ee15f56f2599bdac712d02a98c3e7716b4a4d
-
SHA256
bccf6a69ad74581a794e07176f3e1ff18f0434719900aa419100a773717f4063
-
SHA512
ed009113b1a9c16dbf6fb759dafb4ed13808676950ac7f7962cde13146150301cca5f7d22083483bd53535463500ca307b56be12ccdc4336389caa60ddf4aa54
-
SSDEEP
3072:3m6xW8H0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWV/P:2f44QxL7B9W0c1RCzR/fSmlun
Malware Config
Targets
-
-
Target
766db6c386eb4d4aba96413043f9871a_JaffaCakes118
-
Size
204KB
-
MD5
766db6c386eb4d4aba96413043f9871a
-
SHA1
fd3ee15f56f2599bdac712d02a98c3e7716b4a4d
-
SHA256
bccf6a69ad74581a794e07176f3e1ff18f0434719900aa419100a773717f4063
-
SHA512
ed009113b1a9c16dbf6fb759dafb4ed13808676950ac7f7962cde13146150301cca5f7d22083483bd53535463500ca307b56be12ccdc4336389caa60ddf4aa54
-
SSDEEP
3072:3m6xW8H0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWV/P:2f44QxL7B9W0c1RCzR/fSmlun
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2