General
-
Target
84fd85657c7efa2fa352f00bf13b435a_JaffaCakes118
-
Size
160KB
-
Sample
240810-gfy9xsxgrm
-
MD5
84fd85657c7efa2fa352f00bf13b435a
-
SHA1
469299019e0e0323c87117adcdee318fa3a48405
-
SHA256
327b8fbe92ce18ca42947c3261c0366eff13a703510d6d56422f119af9b1d650
-
SHA512
3729020153c150921ee1ab5031860a74c4e7f04122011a57a693c5d7d73eb48084c8559cd089dcce6aadf428e6d10cfe5638c0bb83a8f7e100bb2447697ca999
-
SSDEEP
768:u7SpCjVYxhIPBryUmU6tI4UBndTaDyNMRzEQU5e3bw1o+5G:u7ZJGidjCCndTuyNMS3cw1o+5G
Malware Config
Targets
-
-
Target
84fd85657c7efa2fa352f00bf13b435a_JaffaCakes118
-
Size
160KB
-
MD5
84fd85657c7efa2fa352f00bf13b435a
-
SHA1
469299019e0e0323c87117adcdee318fa3a48405
-
SHA256
327b8fbe92ce18ca42947c3261c0366eff13a703510d6d56422f119af9b1d650
-
SHA512
3729020153c150921ee1ab5031860a74c4e7f04122011a57a693c5d7d73eb48084c8559cd089dcce6aadf428e6d10cfe5638c0bb83a8f7e100bb2447697ca999
-
SSDEEP
768:u7SpCjVYxhIPBryUmU6tI4UBndTaDyNMRzEQU5e3bw1o+5G:u7ZJGidjCCndTuyNMS3cw1o+5G
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2