General
-
Target
a9468867b4776ff43f324ebd65ff145a_JaffaCakes118
-
Size
100KB
-
Sample
240819-c97qyazfma
-
MD5
a9468867b4776ff43f324ebd65ff145a
-
SHA1
43cb0e66e8f3d05b6f9750fa71174e4c3d70a48e
-
SHA256
eba19e50327bf5e91b135d94470eca890a4bd22d4acac223d0fe9d3d57dad053
-
SHA512
9466d7ac76e445cc1da46f8104bfc5e1eb2f73bebe98bc50fc51026b269bfac51b73e75be892945ab15cb7702b4e118af32a52e327d10a17f95ee04556e7629d
-
SSDEEP
1536:cXtGG82NTzwWMGAc4ohrPXo+73Rez8b0SyuNIjeM:AwZurPX7CuCB
Malware Config
Targets
-
-
Target
a9468867b4776ff43f324ebd65ff145a_JaffaCakes118
-
Size
100KB
-
MD5
a9468867b4776ff43f324ebd65ff145a
-
SHA1
43cb0e66e8f3d05b6f9750fa71174e4c3d70a48e
-
SHA256
eba19e50327bf5e91b135d94470eca890a4bd22d4acac223d0fe9d3d57dad053
-
SHA512
9466d7ac76e445cc1da46f8104bfc5e1eb2f73bebe98bc50fc51026b269bfac51b73e75be892945ab15cb7702b4e118af32a52e327d10a17f95ee04556e7629d
-
SSDEEP
1536:cXtGG82NTzwWMGAc4ohrPXo+73Rez8b0SyuNIjeM:AwZurPX7CuCB
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2