General
-
Target
a8264e9100444f364bfa7d476ab806cd_JaffaCakes118
-
Size
116KB
-
Sample
240818-zkxwrswgkk
-
MD5
a8264e9100444f364bfa7d476ab806cd
-
SHA1
43ef1f93a5e246b4ef61e101371c2344fd163b99
-
SHA256
3a1f95fe2baab2bfae39bae5ffcfc95ee6c250701751075b91d8fdb5948ff36f
-
SHA512
d8082968214012e099af70efa896674c73a5ebb82cf717c76d0dcbc400a27d49b0b33d6322a5a30156cad44b5f61cee8290a68ee3f11ce4b3761a8bb6b2db271
-
SSDEEP
1536:wEpxoi++88Kw6KBOIW4Z8HO1Zwt0f4HeDUEdMOPy9sbgN3wo7JaS4:tpu+8fIr1ZNDUEdawQq
Malware Config
Targets
-
-
Target
a8264e9100444f364bfa7d476ab806cd_JaffaCakes118
-
Size
116KB
-
MD5
a8264e9100444f364bfa7d476ab806cd
-
SHA1
43ef1f93a5e246b4ef61e101371c2344fd163b99
-
SHA256
3a1f95fe2baab2bfae39bae5ffcfc95ee6c250701751075b91d8fdb5948ff36f
-
SHA512
d8082968214012e099af70efa896674c73a5ebb82cf717c76d0dcbc400a27d49b0b33d6322a5a30156cad44b5f61cee8290a68ee3f11ce4b3761a8bb6b2db271
-
SSDEEP
1536:wEpxoi++88Kw6KBOIW4Z8HO1Zwt0f4HeDUEdMOPy9sbgN3wo7JaS4:tpu+8fIr1ZNDUEdawQq
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2