General
-
Target
8260d15855f0ea9557d5ef078f68ae94_JaffaCakes118
-
Size
132KB
-
Sample
240802-a2nxravgkq
-
MD5
8260d15855f0ea9557d5ef078f68ae94
-
SHA1
3d1f73a7c27ba838d22b5bd47863a9e622e1ac25
-
SHA256
08a9fe73a546d99c18b8ed56c08c313e769a26b6fb52bfee18460bdd0cd12a31
-
SHA512
e1a4e3ae5d21b20a36741dbc562561906602a09349dfa8a9d043fde1494c9188de40dadee05856ca83ceafa42614fc85d6299b25b9a87e05fa929623ff2c86f5
-
SSDEEP
3072:1eDNqy7TBJVSgpS5uIyio/Conuh1CNvDoiWYW:1OqoTB2grko/C2gc8ig
Static task
static1
Behavioral task
behavioral1
Sample
8260d15855f0ea9557d5ef078f68ae94_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8260d15855f0ea9557d5ef078f68ae94_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
8260d15855f0ea9557d5ef078f68ae94_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)