General
-
Target
85650e452bf5ce08cae2a141ba74b6dd_JaffaCakes118
-
Size
232KB
-
Sample
240810-j7jdwsweph
-
MD5
85650e452bf5ce08cae2a141ba74b6dd
-
SHA1
3e745ab6e01efd1fa85272bb84b3c691b861bebe
-
SHA256
d61b89615de612c281dc0c79e6033cfe8373121e4ca52ba7c5dba38dc99862e2
-
SHA512
d9067e88a7c2173ddadd7e68a6de5666758decddb0db5466957647d3de6f5a821d6c2affd98fd99596460928a06406f8bc76e8bacf3040f3267a575afa38d7b3
-
SSDEEP
6144:Vm3PFKs7STL6eEqxF6snji81RUinKn3Kt+dNFt/:qPhPDFt/
Malware Config
Targets
-
-
Target
85650e452bf5ce08cae2a141ba74b6dd_JaffaCakes118
-
Size
232KB
-
MD5
85650e452bf5ce08cae2a141ba74b6dd
-
SHA1
3e745ab6e01efd1fa85272bb84b3c691b861bebe
-
SHA256
d61b89615de612c281dc0c79e6033cfe8373121e4ca52ba7c5dba38dc99862e2
-
SHA512
d9067e88a7c2173ddadd7e68a6de5666758decddb0db5466957647d3de6f5a821d6c2affd98fd99596460928a06406f8bc76e8bacf3040f3267a575afa38d7b3
-
SSDEEP
6144:Vm3PFKs7STL6eEqxF6snji81RUinKn3Kt+dNFt/:qPhPDFt/
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2