General
-
Target
8a3acaf034fd653dd047904095eca0c3_JaffaCakes118
-
Size
124KB
-
Sample
240811-nvdebsxgkl
-
MD5
8a3acaf034fd653dd047904095eca0c3
-
SHA1
ace73751ead65a53d3238b799e9446a3ac7daa09
-
SHA256
17400d75569f0b276168587405501a61564fd88be5011cbc7fefe0670e588d7a
-
SHA512
62e76d99b1abe2624610901f0e12e5274eb4972247c37b4dc59f5feca42d1c1d2a6b53e94699e32ca84ee47e7988dc355d831f42f7ad33d43679d104bff209f1
-
SSDEEP
1536:Z2tkjZTQN1GtU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VeMNeG0h/E:ikjmLGtU0GgAT9gM
Static task
static1
Behavioral task
behavioral1
Sample
8a3acaf034fd653dd047904095eca0c3_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8a3acaf034fd653dd047904095eca0c3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
8a3acaf034fd653dd047904095eca0c3_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)