General
-
Target
864ab627e4d4954ebc4824c676e50e90_JaffaCakes118
-
Size
228KB
-
Sample
240810-q39hvawdpf
-
MD5
864ab627e4d4954ebc4824c676e50e90
-
SHA1
75673c53fb94e306d721920f87bc2d0078fd7a60
-
SHA256
b24c6f24a28bcf1dc60a2d499b6f4f997a08a5d821722fbb32c292c297e340d8
-
SHA512
80c73ae2f357e57ded4813994e75758676e54546fa88718f6e5ff2d9944a11c65265156f473660ddd4e28ecfa8f1ca0aa51679842ff1a1f39e51c01e7480a1d9
-
SSDEEP
6144:TmZ3PFKs7aFwKWwalhrEqxF6snji81RUinKZHg/aSj:TmVPhAmZIH+aC
Malware Config
Targets
-
-
Target
864ab627e4d4954ebc4824c676e50e90_JaffaCakes118
-
Size
228KB
-
MD5
864ab627e4d4954ebc4824c676e50e90
-
SHA1
75673c53fb94e306d721920f87bc2d0078fd7a60
-
SHA256
b24c6f24a28bcf1dc60a2d499b6f4f997a08a5d821722fbb32c292c297e340d8
-
SHA512
80c73ae2f357e57ded4813994e75758676e54546fa88718f6e5ff2d9944a11c65265156f473660ddd4e28ecfa8f1ca0aa51679842ff1a1f39e51c01e7480a1d9
-
SSDEEP
6144:TmZ3PFKs7aFwKWwalhrEqxF6snji81RUinKZHg/aSj:TmVPhAmZIH+aC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2