General

  • Target

    86c858ed6ca9b82e827a89fe60152614_JaffaCakes118

  • Size

    152KB

  • Sample

    240810-tvfscaxdrm

  • MD5

    86c858ed6ca9b82e827a89fe60152614

  • SHA1

    6101794d337e4db8f7cf760dd4b631ebc99fbff4

  • SHA256

    80012598fd78c69ec58e84ebf841b8540de245c4e18cc160726f88aa0e13347b

  • SHA512

    b2d93abde9177c8281176a3b63d94ee84643ce92239e1fa1216e99234966bc4a4e1aae0fac1690a5a492a899ea743b238f4824e794715173aec2ab0815533c76

  • SSDEEP

    3072:NmlVPTYhjIp+7MxJUbaxI3zQyzLBuT+Hog:2+7Mxa0yzUg

Targets

    • Target

      86c858ed6ca9b82e827a89fe60152614_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
