General
-
Target
a0b88449fa9d5c665a7bf34baf1017f4_JaffaCakes118
-
Size
192KB
-
Sample
240817-bza4jsshmn
-
MD5
a0b88449fa9d5c665a7bf34baf1017f4
-
SHA1
7a6fa8b638202c1bd0f5d38cb6fcfcca65307585
-
SHA256
bde8f251570d68d0ac9b47a742dc41592341a107ee3ac17545c1fadbdd6d1a26
-
SHA512
0bb75ce2946a21e5cf3aa8547c06db85cc039f864d70fb38916120cef67ade29062ef7a9f2993be907d0be373c87f4f3dde68d4092aa010e03da59c2988df0af
-
SSDEEP
1536:Tfcw2Oaxaaaaat031AdQWB5kCFrWszRUOHFlQhzyLwVKftfVBiZHAPloFp5A2mbb:KO0W3kCFrWsF2eLbqx2DwFs89
Malware Config
Targets
-
-
Target
a0b88449fa9d5c665a7bf34baf1017f4_JaffaCakes118
-
Size
192KB
-
MD5
a0b88449fa9d5c665a7bf34baf1017f4
-
SHA1
7a6fa8b638202c1bd0f5d38cb6fcfcca65307585
-
SHA256
bde8f251570d68d0ac9b47a742dc41592341a107ee3ac17545c1fadbdd6d1a26
-
SHA512
0bb75ce2946a21e5cf3aa8547c06db85cc039f864d70fb38916120cef67ade29062ef7a9f2993be907d0be373c87f4f3dde68d4092aa010e03da59c2988df0af
-
SSDEEP
1536:Tfcw2Oaxaaaaat031AdQWB5kCFrWszRUOHFlQhzyLwVKftfVBiZHAPloFp5A2mbb:KO0W3kCFrWsF2eLbqx2DwFs89
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2