General
-
Target
846f8d936f608d3000ded4691a81c0f3_JaffaCakes118
-
Size
240KB
-
Sample
240810-cm5m3a1emn
-
MD5
846f8d936f608d3000ded4691a81c0f3
-
SHA1
d6e42d2c39c8e1f2d898a2c5679e13faf6597e50
-
SHA256
f1a16f6850f31cc8f6715bb641ce3c002b25554f92b5f83f16ef3a4726712d1b
-
SHA512
80fb5c5635e22c38b768d23f64ac404cf015b0a52ff2f8543c0eb5a803121b7c2981ac71feb6fc5fb13eb89c4d33d74b84b1f99df7eb166ee49e0d92d3950290
-
SSDEEP
6144:tU13dwqsNwemAB0EqxF6snji81RUinKchhyZS36:edQQJsAK
Malware Config
Targets
-
-
Target
846f8d936f608d3000ded4691a81c0f3_JaffaCakes118
-
Size
240KB
-
MD5
846f8d936f608d3000ded4691a81c0f3
-
SHA1
d6e42d2c39c8e1f2d898a2c5679e13faf6597e50
-
SHA256
f1a16f6850f31cc8f6715bb641ce3c002b25554f92b5f83f16ef3a4726712d1b
-
SHA512
80fb5c5635e22c38b768d23f64ac404cf015b0a52ff2f8543c0eb5a803121b7c2981ac71feb6fc5fb13eb89c4d33d74b84b1f99df7eb166ee49e0d92d3950290
-
SSDEEP
6144:tU13dwqsNwemAB0EqxF6snji81RUinKchhyZS36:edQQJsAK
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2