General
-
Target
95a2a45ef1683437ecc93b588ae0fcd0_JaffaCakes118
-
Size
152KB
-
Sample
240814-l4acxs1dkn
-
MD5
95a2a45ef1683437ecc93b588ae0fcd0
-
SHA1
e93cb042ee4ce292b5a1b4a7519b502a8d5bfe81
-
SHA256
d8c26de56e30cc5fdde5b820b90dca066987ab545fb92d4b28be8c656be7d994
-
SHA512
3b42535b670fed192eba851bcebcbc298b0732070323d5e4404da3a0773b3c99ce1cd70da4ff5a017c3fd13859ab1bd746eaf025f61ad736a8d8856f6b158533
-
SSDEEP
3072:OVtLL2zYLzEi4AH+huHLVYMMfYPHdtlRlgbHL4oQZiEmY:4tn2zYvt4m+KL04lRqjlWD
Static task
static1
Behavioral task
behavioral1
Sample
95a2a45ef1683437ecc93b588ae0fcd0_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
95a2a45ef1683437ecc93b588ae0fcd0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
95a2a45ef1683437ecc93b588ae0fcd0_JaffaCakes118
Score 10/10
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2