General
-
Target
95eaaa6063cf066550dafa5d313bda22_JaffaCakes118
-
Size
176KB
-
Sample
240814-nlynxazcjg
-
MD5
95eaaa6063cf066550dafa5d313bda22
-
SHA1
db4a51e6683076e310397eff13a612bad5d58b7f
-
SHA256
e2fda6d96ce118658d5086326d4433e9537acf03b3aa14fd0fa35484041380c4
-
SHA512
566d8eb7be325fb266858bb61f0ac7de1b573f11a14830970baa54fb20eb8ab6d2b5767838012c888206ce68d67fc45d82b3ba2828e3e1b9b9b5e496a0ba0110
-
SSDEEP
3072:R504IcfpHlp1D2KcwjIU2aTObcpT/pHkEAbN/yK/fObT/bGiCV/COqoSQ/iBuAZZ:L04PfpHlp1KKcwjIDaTObcZ/pHkMK/f4
Static task
static1
Behavioral task
behavioral1
Sample
95eaaa6063cf066550dafa5d313bda22_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
95eaaa6063cf066550dafa5d313bda22_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
95eaaa6063cf066550dafa5d313bda22_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2