General
-
Target
7805860044aa54b3983f918521fb06af_JaffaCakes118
-
Size
156KB
-
Sample
240727-nfnlrazcrd
-
MD5
7805860044aa54b3983f918521fb06af
-
SHA1
02488830a918384ae7c45d831c4ef71f110cc71e
-
SHA256
0735abf684c4ed31b70b4880beb28e89e964205d543fe2eb0b28028637d9a92b
-
SHA512
f6030358a11d6901c4b7a9fc38148aa74e6676057efd1b4b1535783372828a73899922f1587b0258432b0856b0af9f79c2e1278e534b76c0613ad42bf98e4196
-
SSDEEP
3072:oBd1iE2MtU7Qv0w4ZRRQMMDwtIMCeFP4ANQ4oQZiEYGX:6dME2R7Qvb4tQTaCeFP4AqWye
Malware Config
Targets
-
-
Target
7805860044aa54b3983f918521fb06af_JaffaCakes118
-
Size
156KB
-
MD5
7805860044aa54b3983f918521fb06af
-
SHA1
02488830a918384ae7c45d831c4ef71f110cc71e
-
SHA256
0735abf684c4ed31b70b4880beb28e89e964205d543fe2eb0b28028637d9a92b
-
SHA512
f6030358a11d6901c4b7a9fc38148aa74e6676057efd1b4b1535783372828a73899922f1587b0258432b0856b0af9f79c2e1278e534b76c0613ad42bf98e4196
-
SSDEEP
3072:oBd1iE2MtU7Qv0w4ZRRQMMDwtIMCeFP4ANQ4oQZiEYGX:6dME2R7Qvb4tQTaCeFP4AqWye
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2