General
-
Target
a5ca8da8d8efd120d91c8df0beb76509_JaffaCakes118
-
Size
448KB
-
Sample
240818-hl63dstgkr
-
MD5
a5ca8da8d8efd120d91c8df0beb76509
-
SHA1
f2fe4ee129e5b71f56157eb547468935f4adb8a0
-
SHA256
e60d3aefc0d133fa7afe41a504498bb9d8dc25a6496eb2c1bdf9bb29c353d25c
-
SHA512
f0ba3c7dc9c36a8f70e085d52b28e2ea85d4a8800c67a38257a1a05a7e07bf0c40a77e4cf5b74dbe69616ce7f799f42a58b20b7a94c93d163595c7ee32077fdc
-
SSDEEP
6144:4wop2pYsjqFk7qFoQudlhixeWrS4ijMI7cGzgF:4wop2pYL2QudA4gzHF
Malware Config
Targets
-
-
Target
a5ca8da8d8efd120d91c8df0beb76509_JaffaCakes118
-
Size
448KB
-
MD5
a5ca8da8d8efd120d91c8df0beb76509
-
SHA1
f2fe4ee129e5b71f56157eb547468935f4adb8a0
-
SHA256
e60d3aefc0d133fa7afe41a504498bb9d8dc25a6496eb2c1bdf9bb29c353d25c
-
SHA512
f0ba3c7dc9c36a8f70e085d52b28e2ea85d4a8800c67a38257a1a05a7e07bf0c40a77e4cf5b74dbe69616ce7f799f42a58b20b7a94c93d163595c7ee32077fdc
-
SSDEEP
6144:4wop2pYsjqFk7qFoQudlhixeWrS4ijMI7cGzgF:4wop2pYL2QudA4gzHF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2