General
-
Target
a49d059bfa8061654035cf67ba09994a_JaffaCakes118
-
Size
260KB
-
Sample
240817-3p82datfkd
-
MD5
a49d059bfa8061654035cf67ba09994a
-
SHA1
6bd5de3444b0e3ac696b6fe2d6f00ddff9ade3de
-
SHA256
c26e8367735bd562116320446c2dc3e09bf41cd6e98608c9a3edb97bbae72cc4
-
SHA512
6fd0c10f2ab141ab3ffe13f41b86c7884af3536bdde1fbe1041fe301aaa61ba6b8c5d93a1a60f1d7ec8002033f0d09478c40ff82935a4b40cc4bfecf6961aa8e
-
SSDEEP
3072:5kpcPIDHQXftsa01SOq1RY4uJr/I5fEKcpGJsXS9e:acPIDd+JleGJ99
Malware Config
Targets
-
-
Target
a49d059bfa8061654035cf67ba09994a_JaffaCakes118
-
Size
260KB
-
MD5
a49d059bfa8061654035cf67ba09994a
-
SHA1
6bd5de3444b0e3ac696b6fe2d6f00ddff9ade3de
-
SHA256
c26e8367735bd562116320446c2dc3e09bf41cd6e98608c9a3edb97bbae72cc4
-
SHA512
6fd0c10f2ab141ab3ffe13f41b86c7884af3536bdde1fbe1041fe301aaa61ba6b8c5d93a1a60f1d7ec8002033f0d09478c40ff82935a4b40cc4bfecf6961aa8e
-
SSDEEP
3072:5kpcPIDHQXftsa01SOq1RY4uJr/I5fEKcpGJsXS9e:acPIDd+JleGJ99
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2