General
Target
964cbbbd6c430557cb16919614e1e373_JaffaCakes118
Size
176KB
Sample
240814-qtt2ssvdlb
MD5
964cbbbd6c430557cb16919614e1e373
SHA1
7b94f7967d6480dbabb9e1d084b1c05444d91d6f
SHA256
8340546bb9832e62f7f2a1863adb8883305b6fb6ebd6f20e17d9beab468acdc2
SHA512
3194f6188e484a83fe2e3ba9bf16cf98b897c13fe8f66fbe9763fc55b20752cdd5ec6a8ee8def0b1896ed579e15770350ad488a52447cc294d279734502fd024
SSDEEP
3072:/taGK/fObT/bGiS3LOClnkZQxlrUax81zX1faK0U9C00hKex9nQ3b7a5VpIC+RZ+:/t1K/fObT/bGiELOSnkZQxlrUax8NX1w
Static task
static1
Behavioral task
behavioral1
Sample
964cbbbd6c430557cb16919614e1e373_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
964cbbbd6c430557cb16919614e1e373_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)