General
-
Target
8df8cd039d5a673b11370f0f12a8ed39_JaffaCakes118
-
Size
100KB
-
Sample
240812-j2yavssejn
-
MD5
8df8cd039d5a673b11370f0f12a8ed39
-
SHA1
b6c8b182eef58970c9f1bdb49acc99a2cc785630
-
SHA256
ea6cb9327430a50e05f22bf4c65ef2010c983b813d1e2e272d3ef3101f2a7e81
-
SHA512
6b5d160c67cdb85d5ed398059a65b69c52749c465e0ed9c8a7c90add0e53e8f16ccb8ad7f81df1ae9fa55624450616281a98f867e5098ce29dd8bc2fe1bd74ef
-
SSDEEP
1536:7Et0s82NTdw37LGZcYADZPU1+73BD88b0ny2NIj/:Yw3mgZPUQJ2C/
Static task
static1
Behavioral task
behavioral1
Sample
8df8cd039d5a673b11370f0f12a8ed39_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8df8cd039d5a673b11370f0f12a8ed39_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
8df8cd039d5a673b11370f0f12a8ed39_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)