General
-
Target
93e8164d7776a9f1ac820d004c63db6b_JaffaCakes118
-
Size
504KB
-
Sample
240813-t8vhnavcra
-
MD5
93e8164d7776a9f1ac820d004c63db6b
-
SHA1
409874fe58c589f3f92c080041f89b416107fca4
-
SHA256
6c6a0036acf3d34d41990a8b66cc3e82a183befa475fb0b6fa49824754eb1b7e
-
SHA512
b7ecd9b37c75cde74c27ad075e10dba1af7725ad7816b4898f8bb11538a78571ed90f2890fa238893ba5f91d3f536d9960039496d8109065a04c5ac13d5ae5e2
-
SSDEEP
6144:1gukEoTgcAwdsuxQUdj18MgLSxaZPTIfhhKfd/O1mTSK014pv3e4:GuG3AwdXmJO4hIJ29Oz14xe4
Malware Config
Targets
-
-
Target
93e8164d7776a9f1ac820d004c63db6b_JaffaCakes118
-
Size
504KB
-
MD5
93e8164d7776a9f1ac820d004c63db6b
-
SHA1
409874fe58c589f3f92c080041f89b416107fca4
-
SHA256
6c6a0036acf3d34d41990a8b66cc3e82a183befa475fb0b6fa49824754eb1b7e
-
SHA512
b7ecd9b37c75cde74c27ad075e10dba1af7725ad7816b4898f8bb11538a78571ed90f2890fa238893ba5f91d3f536d9960039496d8109065a04c5ac13d5ae5e2
-
SSDEEP
6144:1gukEoTgcAwdsuxQUdj18MgLSxaZPTIfhhKfd/O1mTSK014pv3e4:GuG3AwdXmJO4hIJ29Oz14xe4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2