General
-
Target
89da15f64d54f5b3d77ea700915d73ca_JaffaCakes118
-
Size
100KB
-
Sample
240811-lgflesxhlc
-
MD5
89da15f64d54f5b3d77ea700915d73ca
-
SHA1
672ef440d55ee51e2eee02511fdf57f2677833de
-
SHA256
bab1b628eaea5df14881393b10962cca0f42b4e137ba21a192c72ec0b10e822b
-
SHA512
bea390dbf64a793d1c8c2644af2dd22beb29b73bc8814c06b1c796db0d03d7297b3c60b9ca1230aaa6f8cfbe21865eabadbb89a5966c698527ab043decbbe225
-
SSDEEP
1536:AL18iAuismywsjLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfFNIjnZ6k:gj/KLOM5OCnEk
Malware Config
Targets
-
-
Target
89da15f64d54f5b3d77ea700915d73ca_JaffaCakes118
-
Size
100KB
-
MD5
89da15f64d54f5b3d77ea700915d73ca
-
SHA1
672ef440d55ee51e2eee02511fdf57f2677833de
-
SHA256
bab1b628eaea5df14881393b10962cca0f42b4e137ba21a192c72ec0b10e822b
-
SHA512
bea390dbf64a793d1c8c2644af2dd22beb29b73bc8814c06b1c796db0d03d7297b3c60b9ca1230aaa6f8cfbe21865eabadbb89a5966c698527ab043decbbe225
-
SSDEEP
1536:AL18iAuismywsjLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfFNIjnZ6k:gj/KLOM5OCnEk
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2