General
-
Target
85f2bcab65e9438c3c1b769932ee384c_JaffaCakes118
-
Size
176KB
-
Sample
240810-n1xp6ascqc
-
MD5
85f2bcab65e9438c3c1b769932ee384c
-
SHA1
baef3c580fff53f05b8bd329340ec5f3c73dbec4
-
SHA256
34fcfa23ebeb831b4fdbe0e5bee8d8b33702730d406edfc54f662a337e1e285e
-
SHA512
1400792a6619c4a06bc91ef9c6580ea3c8e6d33d58fd7a2ebaed4372d60d438b7f837726e57562b4b7fb0298dae58f6b64515d023d27ff60ae282bf4b6c4dfa1
-
SSDEEP
3072:2BubNB57EoiO8S9aCWKnvmb7/D26BXbBD8R4FpjIyc4j+agdLfED0Co0beLs9Ar:2B2fBQKnvmb7/D26BLBD8R4FpjIyc4ja
Static task
static1
Behavioral task
behavioral1
Sample
85f2bcab65e9438c3c1b769932ee384c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
85f2bcab65e9438c3c1b769932ee384c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
85f2bcab65e9438c3c1b769932ee384c_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2