General
-
Target
77c4abb07290abb02534c2722d489daa_JaffaCakes118
-
Size
240KB
-
Sample
240727-l175saseqq
-
MD5
77c4abb07290abb02534c2722d489daa
-
SHA1
b88af4cfcb3b481afb7c5d4dc4e4247bb07cea88
-
SHA256
08e307d12541463c4d04739afc0c63ecc78b840ce11c90cb3bf29911d09a815f
-
SHA512
fd172ad628dcc348ab96bcd7a490b9da3ab9249b79376e8cf13e06b2277e72202f9bf2ea5432c0927f91bd56f6cd678a15b4c725697f77cd2d0053fddc164922
-
SSDEEP
3072:GOjzVvHjQdrgUDdCGAX31X7tlcxEHglJsd1/Ab32yZlOsQqO1j99M3:NcdlcX31X7tlMGFTy6sQv
Malware Config
Targets
-
-
Target
77c4abb07290abb02534c2722d489daa_JaffaCakes118
-
Size
240KB
-
MD5
77c4abb07290abb02534c2722d489daa
-
SHA1
b88af4cfcb3b481afb7c5d4dc4e4247bb07cea88
-
SHA256
08e307d12541463c4d04739afc0c63ecc78b840ce11c90cb3bf29911d09a815f
-
SHA512
fd172ad628dcc348ab96bcd7a490b9da3ab9249b79376e8cf13e06b2277e72202f9bf2ea5432c0927f91bd56f6cd678a15b4c725697f77cd2d0053fddc164922
-
SSDEEP
3072:GOjzVvHjQdrgUDdCGAX31X7tlcxEHglJsd1/Ab32yZlOsQqO1j99M3:NcdlcX31X7tlMGFTy6sQv
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2