General
-
Target
96f7475c7651c4ca987e34982630031c_JaffaCakes118
-
Size
108KB
-
Sample
240814-vw11catfmh
-
MD5
96f7475c7651c4ca987e34982630031c
-
SHA1
a6ee9de0d82b71dd5e9d804ce8bd4a5c922f79d7
-
SHA256
3bd54a4f51235e6edac408a3a1ac6418394d3e71c455cbada44c4e9c6bffad94
-
SHA512
a10808ddea2be329a301b91df6a9c221aec35f18566bba047eb6c695ce2b650b6aa9a6104f7dc5f9df20206745d7bb300a182571dd7331f28a136e26f078d84f
-
SSDEEP
1536:ZlX/V5bjes5mBVKuCrENMRs7I2LwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnOha4y:7X/nQCs7IMWyDBr8
Malware Config
Targets
-
-
Target
96f7475c7651c4ca987e34982630031c_JaffaCakes118
-
Size
108KB
-
MD5
96f7475c7651c4ca987e34982630031c
-
SHA1
a6ee9de0d82b71dd5e9d804ce8bd4a5c922f79d7
-
SHA256
3bd54a4f51235e6edac408a3a1ac6418394d3e71c455cbada44c4e9c6bffad94
-
SHA512
a10808ddea2be329a301b91df6a9c221aec35f18566bba047eb6c695ce2b650b6aa9a6104f7dc5f9df20206745d7bb300a182571dd7331f28a136e26f078d84f
-
SSDEEP
1536:ZlX/V5bjes5mBVKuCrENMRs7I2LwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnOha4y:7X/nQCs7IMWyDBr8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2