General
-
Target
a8436ba516d87086e27462e53601603a_JaffaCakes118
-
Size
92KB
-
Sample
240818-z8tt1svfjd
-
MD5
a8436ba516d87086e27462e53601603a
-
SHA1
4f58fb6ebe43a88fa84e554b8435775b5f132bec
-
SHA256
5fb1ec78c1fd7cf214d7e49f4b4946f0568e50161a935bef596996205e833e42
-
SHA512
09ba0837f0d3076642f30d6a5d78b89a64fb298fd46bc36ff2d08482f0ae528da6329b884dd828a6cf332632a9961b2162bfd55e0384911d2557d2e311ebd4d2
-
SSDEEP
1536:KTRUONqJbtdiivGVR6njalbA/yTgFmLrgc1cWcZc+c5cusZy7xp0gZPkg:KUkqJtdJy8iAyzZPb
Static task
static1
Behavioral task
behavioral1
Sample
a8436ba516d87086e27462e53601603a_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a8436ba516d87086e27462e53601603a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a8436ba516d87086e27462e53601603a_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2