General
-
Target
8dcfdab5597153078156bcbf241b2da3_JaffaCakes118
-
Size
341KB
-
Sample
240812-h3ygkszhpq
-
MD5
8dcfdab5597153078156bcbf241b2da3
-
SHA1
40700cdc0388bf79cd0e84360418019f96d67e3a
-
SHA256
651ee7e5a335bd50c322c0f5c1fea2b818da6a6e1ba93545b1ccb60d06823669
-
SHA512
1302afa15ad3e77102e20f7d7bcfbf9399bb03952b526f9133b8b0ae512736fbfa468e9bd3c5629cec70b537854eb456d3894a14a4736e310ffa411a5d008603
-
SSDEEP
6144:CY94NO1xOzb8pDzCBPId9QQfHdlm5zVpGM7y2w0kzmDNwuiqUCuI3YfhHbHn:B9Ogxqb+6ITTvzQzzGM780yzrqd3a7H
Malware Config
Targets
-
-
Target
8dcfdab5597153078156bcbf241b2da3_JaffaCakes118
-
Size
341KB
-
MD5
8dcfdab5597153078156bcbf241b2da3
-
SHA1
40700cdc0388bf79cd0e84360418019f96d67e3a
-
SHA256
651ee7e5a335bd50c322c0f5c1fea2b818da6a6e1ba93545b1ccb60d06823669
-
SHA512
1302afa15ad3e77102e20f7d7bcfbf9399bb03952b526f9133b8b0ae512736fbfa468e9bd3c5629cec70b537854eb456d3894a14a4736e310ffa411a5d008603
-
SSDEEP
6144:CY94NO1xOzb8pDzCBPId9QQfHdlm5zVpGM7y2w0kzmDNwuiqUCuI3YfhHbHn:B9Ogxqb+6ITTvzQzzGM780yzrqd3a7H
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1