General
-
Target
a2838411366245755b7fc7fbe7505f6d_JaffaCakes118
-
Size
148KB
-
Sample
240817-pkh3hayanj
-
MD5
a2838411366245755b7fc7fbe7505f6d
-
SHA1
2d6387cf2d3b5a2b629c50a9a70ee803801635c9
-
SHA256
bddb8b0d5362714b3d6df091108f0247231acf675f3c9fcb1292397fe01258f8
-
SHA512
4967058635c3afda5524d09348751b388687fc20e39e1311a4e168c8afa0fbc1dca3ce3732aaa99eed832c839503d89b68dc680272fac0dcf19bff6e24848a09
-
SSDEEP
3072:DiFqQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhIIUrE5j4oQYb:uFFh96F90Wf7nJPwdhdZb
Malware Config
Targets
-
-
Target
a2838411366245755b7fc7fbe7505f6d_JaffaCakes118
-
Size
148KB
-
MD5
a2838411366245755b7fc7fbe7505f6d
-
SHA1
2d6387cf2d3b5a2b629c50a9a70ee803801635c9
-
SHA256
bddb8b0d5362714b3d6df091108f0247231acf675f3c9fcb1292397fe01258f8
-
SHA512
4967058635c3afda5524d09348751b388687fc20e39e1311a4e168c8afa0fbc1dca3ce3732aaa99eed832c839503d89b68dc680272fac0dcf19bff6e24848a09
-
SSDEEP
3072:DiFqQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhIIUrE5j4oQYb:uFFh96F90Wf7nJPwdhdZb
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2