General
-
Target
941a551ce113186fd59ecd6b1482720b_JaffaCakes118
-
Size
232KB
-
Sample
240813-wcfqqsxelh
-
MD5
941a551ce113186fd59ecd6b1482720b
-
SHA1
ec3a721c6f3147387a1ace91ece75471486e4517
-
SHA256
9f0bb232872c7fc9b8ecace17359a65a564d72e3ddd78ba25a20d770112033a7
-
SHA512
ba5cb9a326d37b514a7def836bbc5c0a1d073985a2a7d643f97890af0085498200ea30395b4b60a795cfcc7fbd5764b2926e6b071dfb96241cb3037bd925a7a6
-
SSDEEP
6144:Cy33PFKs78vpRTlEqxF6snji81RUinKbLOH:VPhp+
Malware Config
Targets
-
-
Target
941a551ce113186fd59ecd6b1482720b_JaffaCakes118
-
Size
232KB
-
MD5
941a551ce113186fd59ecd6b1482720b
-
SHA1
ec3a721c6f3147387a1ace91ece75471486e4517
-
SHA256
9f0bb232872c7fc9b8ecace17359a65a564d72e3ddd78ba25a20d770112033a7
-
SHA512
ba5cb9a326d37b514a7def836bbc5c0a1d073985a2a7d643f97890af0085498200ea30395b4b60a795cfcc7fbd5764b2926e6b071dfb96241cb3037bd925a7a6
-
SSDEEP
6144:Cy33PFKs78vpRTlEqxF6snji81RUinKbLOH:VPhp+
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2