General
-
Target
94d6a60090c2ac4eefc84aac34013083_JaffaCakes118
-
Size
152KB
-
Sample
240813-1g1nxssbjq
-
MD5
94d6a60090c2ac4eefc84aac34013083
-
SHA1
6f7043d65bf901d15ecee1f59b73cebe0551147c
-
SHA256
4343f4d329bdd96adbeab3f1edce3efa70ccfb49b778318957bdf5db60287b8c
-
SHA512
5cf40385269a894d38beb29b79286f31b583f0b58cd2de1d607fa13e7787ceb6cc9a9e05d6b7fe603af1856642f56cbf2fa07f59cb0548c2fd0b93efa0ab7465
-
SSDEEP
1536:RdHmF+VoV6qZO5WV9PZ1K+smtK4/ZWnKTgkX:RdHmF+VoV6qZO5W7afKT
Malware Config
Targets
-
-
Target
94d6a60090c2ac4eefc84aac34013083_JaffaCakes118
-
Size
152KB
-
MD5
94d6a60090c2ac4eefc84aac34013083
-
SHA1
6f7043d65bf901d15ecee1f59b73cebe0551147c
-
SHA256
4343f4d329bdd96adbeab3f1edce3efa70ccfb49b778318957bdf5db60287b8c
-
SHA512
5cf40385269a894d38beb29b79286f31b583f0b58cd2de1d607fa13e7787ceb6cc9a9e05d6b7fe603af1856642f56cbf2fa07f59cb0548c2fd0b93efa0ab7465
-
SSDEEP
1536:RdHmF+VoV6qZO5WV9PZ1K+smtK4/ZWnKTgkX:RdHmF+VoV6qZO5W7afKT
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2