General
-
Target
784e010c6e634b644c3c8792cf0f7c25_JaffaCakes118
-
Size
100KB
-
Sample
240727-qh9ywathmc
-
MD5
784e010c6e634b644c3c8792cf0f7c25
-
SHA1
4f8f0a9303c3291d208e27c679b23f4dd29fc742
-
SHA256
653a25faecf5be6cae6fadb03c59cbfb3d7a304003147fb23defa07273688bfd
-
SHA512
025b3442b7108b346a67dc0cb9f33e4591b184777c6fc7355671a30419a794fa4c57d737d5f9609811f9069d9d0124c5d274e96740d356c6cb523140ea92c24b
-
SSDEEP
1536:u0W88iAuismyws/9Lw0wF9MGM9K/oKtNgCMbA1bL3N+NM5Uf1NIjnZo:EoV/KLOM52Cnm
Static task
static1
Behavioral task
behavioral1
Sample
784e010c6e634b644c3c8792cf0f7c25_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
784e010c6e634b644c3c8792cf0f7c25_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
784e010c6e634b644c3c8792cf0f7c25_JaffaCakes118
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)