General
-
Target
895ec160eb314e699b3765c4ac648ea2_JaffaCakes118
-
Size
144KB
-
Sample
240811-heh2zssgrg
-
MD5
895ec160eb314e699b3765c4ac648ea2
-
SHA1
c0e539d6b7b741dfb7ebba6fc67ecf061f6f02ab
-
SHA256
718704d17eb38a9c6fbb66ba4e2de7f57c929b70c2d8f234f99f19c9525fea72
-
SHA512
4770979f2fa9fda4f4df5358592e475fa0a85b844cf10a7b07bc48dd8d862a8ff1c365979a589f37b654084c9bafd1ce54341d0195c53b1297fd748a5e9ff498
-
SSDEEP
1536:8tljxu0nE0ggGDHjDTYpK3XZxkIh1mF+0da1f6ymqneF05brgEFrsUhKeT4oQB4T:8tLnhg/zLKM0AGMeF05XgE5j4oQyF
Static task
static1
Behavioral task
behavioral1
Sample
895ec160eb314e699b3765c4ac648ea2_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
895ec160eb314e699b3765c4ac648ea2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
895ec160eb314e699b3765c4ac648ea2_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2