General
-
Target
a91fe8b67b918c4162b065327260bf1c_JaffaCakes118
-
Size
232KB
-
Sample
240819-ccr9zsxhmf
-
MD5
a91fe8b67b918c4162b065327260bf1c
-
SHA1
bc21c0267f0a1275fb1d147e9060fda0bd609bb0
-
SHA256
1016f70b9d719a97730aefdebf9721fd53dbddf42532ed0f9cbbb15afe6bc173
-
SHA512
e492db46a3d94b97796d4b7a870514ac5b87ce347cb2b65bc40f831dd35de29f6b1debf58a372d4072fc81dcf70bbb63f526aa1b540ef1f4e123067ff716f0c4
-
SSDEEP
6144:ky173PFKs78vpRTlEqxF6snji81RUinKbsI:JPhu
Malware Config
Targets
-
-
Target
a91fe8b67b918c4162b065327260bf1c_JaffaCakes118
-
Size
232KB
-
MD5
a91fe8b67b918c4162b065327260bf1c
-
SHA1
bc21c0267f0a1275fb1d147e9060fda0bd609bb0
-
SHA256
1016f70b9d719a97730aefdebf9721fd53dbddf42532ed0f9cbbb15afe6bc173
-
SHA512
e492db46a3d94b97796d4b7a870514ac5b87ce347cb2b65bc40f831dd35de29f6b1debf58a372d4072fc81dcf70bbb63f526aa1b540ef1f4e123067ff716f0c4
-
SSDEEP
6144:ky173PFKs78vpRTlEqxF6snji81RUinKbsI:JPhu
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2