General
-
Target
8a81ad354a7086ea039139afaf8b0482_JaffaCakes118
-
Size
284KB
-
Sample
240811-qkf4ksvgrc
-
MD5
8a81ad354a7086ea039139afaf8b0482
-
SHA1
2b2834f8de0264e05311e6b872ce209b835be336
-
SHA256
58dd74fc3400d84f9fb97aeb48a11b7505cab71cfe678ae5ecf71b7ac73020a2
-
SHA512
8e14bf1193ba197683c2ea50cfb65c91af0c64ebb0b33a536b3b252318215f21f7ee7de6b15b5a7dfb2753ad5e81db490826e525f35bc068fe120f230c8fd8b2
-
SSDEEP
6144:wH6QcxQRhNyKQ9ezwA2Rv4gnw+lJVomcEk9dk/FLGY+Kt/dPLsx02Gf6vIqGnuTu:1jVIrbQdnHcllaXYDoDM3flUa
Malware Config
Targets
-
-
Target
8a81ad354a7086ea039139afaf8b0482_JaffaCakes118
-
Size
284KB
-
MD5
8a81ad354a7086ea039139afaf8b0482
-
SHA1
2b2834f8de0264e05311e6b872ce209b835be336
-
SHA256
58dd74fc3400d84f9fb97aeb48a11b7505cab71cfe678ae5ecf71b7ac73020a2
-
SHA512
8e14bf1193ba197683c2ea50cfb65c91af0c64ebb0b33a536b3b252318215f21f7ee7de6b15b5a7dfb2753ad5e81db490826e525f35bc068fe120f230c8fd8b2
-
SSDEEP
6144:wH6QcxQRhNyKQ9ezwA2Rv4gnw+lJVomcEk9dk/FLGY+Kt/dPLsx02Gf6vIqGnuTu:1jVIrbQdnHcllaXYDoDM3flUa
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2