General
Target: a526985b22cb00762cdcf38b018faaad_JaffaCakes118
Size: 148KB
Sample: 240818-dmf55svemp
MD5: a526985b22cb00762cdcf38b018faaad
SHA1: ba432a5d53fd3b08e20378a6d4d1831b98b8287d
SHA256: 79f507d85660148cb2630561f7510bf5d00330b2da31dccc51bf7ff8a0ca3d99
SHA512: a7b5e6536e4605299c20bacfd53077588012339add34d34d4de366ac5e6831092c8a7ca56886f19719ac1d6562db7d40c2221286792e8e515d3e32b9898d134d
SSDEEP: 3072:/iF+Qh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhIk4oQZiE8tR:KFJh96F90Wf7nJPwdzWY
Static task: static1
Behavioral task: behavioral1
  Sample: a526985b22cb00762cdcf38b018faaad_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: a526985b22cb00762cdcf38b018faaad_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: a526985b22cb00762cdcf38b018faaad_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)