General
-
Target
824f5a70d1d7a4351c066f6efa103937_JaffaCakes118
-
Size
320KB
-
Sample
240802-anaszavanl
-
MD5
824f5a70d1d7a4351c066f6efa103937
-
SHA1
bfe2a04b6c765f732b600f567f210cf238c3a0f2
-
SHA256
bb1305485f1f27c8634e15450b46300d7fba5b82ec14b319c99091a1d2a64a19
-
SHA512
f66c707872c7c5845a7bd83e2dee56330d23d86cc740622405763ac6c06112323d5b403578081a949949197e43545cb2afa9395e66306e010dff154f4c861da5
-
SSDEEP
6144:tj+xPxlwGXimJ66onJGr+qyVztumGS5Ni3hpgoMKMphaeVf2B71qc:tsPjwGXic6JGr+qyVztumGS5YqoyU71n
Static task
static1
Behavioral task
behavioral1
Sample
824f5a70d1d7a4351c066f6efa103937_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
824f5a70d1d7a4351c066f6efa103937_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
824f5a70d1d7a4351c066f6efa103937_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)