General
-
Target
9767f0b85a2b8fc11610ab5309ad70b0_JaffaCakes118
-
Size
96KB
-
Sample
240814-yds4kazgpb
-
MD5
9767f0b85a2b8fc11610ab5309ad70b0
-
SHA1
d94d7d4b89f345974e4fb5aa0c27a95184611afe
-
SHA256
1ec2481f898be469d072ca557227a5d662ef9bd77450e1378f553907c00cba37
-
SHA512
f2b47a8f47b062c2b12584740795a964519eed16989b65c9b85283ab4059c1285c6fca09ac2270f5a6ef52478dd703b3a045d4a4057526b3151daf285990ff4a
-
SSDEEP
1536:kzQBHXf6cO/hHkGulSc16l6u+NMMl/KlYv1Tq5ThFfNIjnZLx:DEh4lu8CFFfCnZx
Static task
static1
Behavioral task
behavioral1
Sample
9767f0b85a2b8fc11610ab5309ad70b0_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
9767f0b85a2b8fc11610ab5309ad70b0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9767f0b85a2b8fc11610ab5309ad70b0_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2