General
Target: a63ffda5c34b80b656d6806369cf0ea6_JaffaCakes118
Size: 124KB
Sample: 240818-lf1vzazeqr
MD5: a63ffda5c34b80b656d6806369cf0ea6
SHA1: a8f1e818f0b43ed6083bbe17214df1d78140eae9
SHA256: 99cfa2573e1f9838cfcafec6de8c6b6075797c70a4d497f94b833efa6ec0d578
SHA512: 31829ea2bbd3660c6a168a96d691974f11bb7e62f3f77d8ae51d5eaa18915981199933c90923c3d78c9e3b542ec92c65c482d29f110160e3af2dde5189605c7e
SSDEEP: 1536:PcEPhwRZuuBxeDtMYHa27J14ltxporZ45i8NeG0h/E:UEPhwRckeV6gJ1uCt45OM
Static task: static1
Behavioral task: behavioral1
Sample: a63ffda5c34b80b656d6806369cf0ea6_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a63ffda5c34b80b656d6806369cf0ea6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: a63ffda5c34b80b656d6806369cf0ea6_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2