General
-
Target
8512cf23f77dd4630268c501f79c8d70_JaffaCakes118
-
Size
100KB
-
Sample
240810-gzygqsshka
-
MD5
8512cf23f77dd4630268c501f79c8d70
-
SHA1
39034254c43bfbb13de3782b784045039b36d65a
-
SHA256
f87f7879da04e0b582f08f5d450bf7c8cd3063c1b0cb559f7c8e1684064604d6
-
SHA512
3f471e7e5d2dc30f765ab8e7278009750fe8b141d2cabe4378dc981eadf52b12a6d65edf20cc20793f588a4c227cc31b2674c131dc4e754c85d1a9afc7c415c3
-
SSDEEP
1536:IWh8iAuismyWsWRw0wF9MGM9K/lKtNgCMbATbL3N+NM5EfKNIjni:5WtTLOM5hCni
Malware Config
Targets
-
-
Target
8512cf23f77dd4630268c501f79c8d70_JaffaCakes118
-
Size
100KB
-
MD5
8512cf23f77dd4630268c501f79c8d70
-
SHA1
39034254c43bfbb13de3782b784045039b36d65a
-
SHA256
f87f7879da04e0b582f08f5d450bf7c8cd3063c1b0cb559f7c8e1684064604d6
-
SHA512
3f471e7e5d2dc30f765ab8e7278009750fe8b141d2cabe4378dc981eadf52b12a6d65edf20cc20793f588a4c227cc31b2674c131dc4e754c85d1a9afc7c415c3
-
SSDEEP
1536:IWh8iAuismyWsWRw0wF9MGM9K/lKtNgCMbATbL3N+NM5EfKNIjni:5WtTLOM5hCni
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2