General
-
Target
87b21458c2bf93ff2df92b3abca3b74b_JaffaCakes118
-
Size
288KB
-
Sample
240810-z2wp2aybrm
-
MD5
87b21458c2bf93ff2df92b3abca3b74b
-
SHA1
c45872d0171b70d88f21ba904b3fe6ac77032e7c
-
SHA256
92190ba5d831a90130960adf8ba7c76e1ecdd57fc5907cfb54d9c44fe2912bcf
-
SHA512
b7feefbe7cac8510ca67feb70a6f8231e2297472f035a0c9de5727e04265863be8a5441d8ad9461f1f6b7df8c0bdb2dff68c2388536af2c10760e0bd77e11af0
-
SSDEEP
6144:w5c0f7XP+g3AGJpWVzuChYrgns+XuCKnvmb7/D263VAPL8R8FUjcWMHu9tmuE79x:Z27/XvLWpukogns+XuCKnvmb7/D263QF
Malware Config
Targets
-
-
Target
87b21458c2bf93ff2df92b3abca3b74b_JaffaCakes118
-
Size
288KB
-
MD5
87b21458c2bf93ff2df92b3abca3b74b
-
SHA1
c45872d0171b70d88f21ba904b3fe6ac77032e7c
-
SHA256
92190ba5d831a90130960adf8ba7c76e1ecdd57fc5907cfb54d9c44fe2912bcf
-
SHA512
b7feefbe7cac8510ca67feb70a6f8231e2297472f035a0c9de5727e04265863be8a5441d8ad9461f1f6b7df8c0bdb2dff68c2388536af2c10760e0bd77e11af0
-
SSDEEP
6144:w5c0f7XP+g3AGJpWVzuChYrgns+XuCKnvmb7/D263VAPL8R8FUjcWMHu9tmuE79x:Z27/XvLWpukogns+XuCKnvmb7/D263QF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2