General
Target: 8ab30735b0d42eccbd43a32ad1e98144_JaffaCakes118
Size: 180KB
Sample: 240811-rnrvxsxeka
MD5: 8ab30735b0d42eccbd43a32ad1e98144
SHA1: 38a513b0e6ec8be9d459691e0e3f4ada10f14be4
SHA256: 385d96d33b861a76808200a396253b71a8a506afa5d8e6b2021b9ae63e4117a2
SHA512: 287891de1d239303a190313f973215e2fb420bae1544924d622ccc5d6f9eb269ca9b8118e6106ce3f0f3ca39a3ad1f0b19e46d3dd6000fe1e1e68fb48e925180
SSDEEP: 3072:yIo7GdYRLoeEdRos/eaqFnqWDb+uTyLDC6s5sSYqGlC6YViZj5HQXZmmJ0yCFio9:dzcKPpm2lC6YViZj5HQXZmmJ0yCF9Bx1
Static task: static1
Behavioral task: behavioral1
Sample: 8ab30735b0d42eccbd43a32ad1e98144_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8ab30735b0d42eccbd43a32ad1e98144_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 8ab30735b0d42eccbd43a32ad1e98144_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2