General
-
Target
84b2da28dab53ef992837ef2d1e27b28_JaffaCakes118
-
Size
144KB
-
Sample
240810-edzrkavbmm
-
MD5
84b2da28dab53ef992837ef2d1e27b28
-
SHA1
6770b32d13fdc80808aa3236f37a45683a35f2aa
-
SHA256
29e77f3f9fe94380f2b722e3f25ab500a06eba7d3260d83b7781065cae01c9dc
-
SHA512
1e2a1c8f78c2f48931a428a74ae3943030be6103e888c8bbb51f875b04ddf3445dd5b1bb0aa04ae84d444f0cf74e30c4a6abd7afd7100bb53c153ace1a53e4ee
-
SSDEEP
3072:eDk1wKcEUqZhplZRC7/veXx8pUPkDRcrLNfi0qsv:egmlEUqzPZ8eXx8pUsDRcHNfi0q8
Malware Config
Targets
-
-
Target
84b2da28dab53ef992837ef2d1e27b28_JaffaCakes118
-
Size
144KB
-
MD5
84b2da28dab53ef992837ef2d1e27b28
-
SHA1
6770b32d13fdc80808aa3236f37a45683a35f2aa
-
SHA256
29e77f3f9fe94380f2b722e3f25ab500a06eba7d3260d83b7781065cae01c9dc
-
SHA512
1e2a1c8f78c2f48931a428a74ae3943030be6103e888c8bbb51f875b04ddf3445dd5b1bb0aa04ae84d444f0cf74e30c4a6abd7afd7100bb53c153ace1a53e4ee
-
SSDEEP
3072:eDk1wKcEUqZhplZRC7/veXx8pUPkDRcrLNfi0qsv:egmlEUqzPZ8eXx8pUsDRcHNfi0q8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2