General
-
Target
832743346882cd979378a6cd88ed1db4_JaffaCakes118
-
Size
240KB
-
Sample
240802-ftk4saxepr
-
MD5
832743346882cd979378a6cd88ed1db4
-
SHA1
aa06513b48370497d5dad830863a3c79de68d9ff
-
SHA256
0a2084f5ace58ae403b29d0a69b9f2baad81582ac528dc0faf3fd4883f3e4b86
-
SHA512
7325e805f73b02f30d34e4b4d7ea24d6da791f3e4f157f405290e88b35073db24683dbfe32508a5fe5d7741f475234d07f9c12bee66daccd1eacb8a0c3dbc26d
-
SSDEEP
3072:P4OzL5gnIGOdmLGeCfcpwA5f3CEoEtUMbfRt:wOzWOK7cKiED5
Static task
static1
Behavioral task
behavioral1
Sample
832743346882cd979378a6cd88ed1db4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
832743346882cd979378a6cd88ed1db4_JaffaCakes118.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
832743346882cd979378a6cd88ed1db4_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2