General
Target: 7687c584fd757a01e740e4d595a509ab_JaffaCakes118
Size: 244KB
Sample: 240727-bqklmaxerr
MD5: 7687c584fd757a01e740e4d595a509ab
SHA1: 5a0f4d617293fbeaf4ba56621a007f80abf66406
SHA256: b15c323f35c830d894f18264bd07b4a1fed4f38362f28772d86d39cf893ce836
SHA512: 8febd7ad4655526447f1e89177dd054de0b9780cfbd0517157818102107349fcfffcb0b6c7a1ec98899ec860908d2c3d004501d4b718ae7a3f976765f7469f2a
SSDEEP: 3072:bhPBd0sROnFQW5yIuSP9lqVinU3bp/PTm2moJ6BwA+GABMndgcRU:bhJdo7PnqVinU3bw2moJ6WAdgS
Static task
static1
Behavioral task
behavioral1
Sample
7687c584fd757a01e740e4d595a509ab_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
7687c584fd757a01e740e4d595a509ab_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
7687c584fd757a01e740e4d595a509ab_JaffaCakes118
Score 10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)