General
-
Target
8217251c9496a9e567d180965b2efc83_JaffaCakes118
-
Size
148KB
-
Sample
240801-238gbswckh
-
MD5
8217251c9496a9e567d180965b2efc83
-
SHA1
d93c359b985c286b8eb46aae81fdfcb8bc942c81
-
SHA256
513692427d443da142fb5b13e6fe492f49d404d66b82ecb9f84ab48a36974403
-
SHA512
4e5e6c718cae5009c033fa3a607043a377a7fd85418b740a8d5cd20269cec11153d19a013803e62030b1381c9854ed8963feb5fa6c11ec700c6dc056eca765cd
-
SSDEEP
3072:tdo+agRs59j/pvkqBBac+RAGq1bg7Yfgst6OzOS79pfRZkhQJAOAU4oQZiEc+T:bonbj/pvkqBBac+RAGq1bZHtrzOS77ZA
Static task
static1
Behavioral task
behavioral1
Sample
8217251c9496a9e567d180965b2efc83_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8217251c9496a9e567d180965b2efc83_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
Target
8217251c9496a9e567d180965b2efc83_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2