General
-
Target
aaeae6e5307ca0ed764d7fd8e0f5e4e8_JaffaCakes118
-
Size
164KB
-
Sample
240819-n3mb7sseqa
-
MD5
aaeae6e5307ca0ed764d7fd8e0f5e4e8
-
SHA1
deee35964846de6fe0d4eb753fc47922917d7d36
-
SHA256
5ebfb2fe3d139701b25875cec72d2d3f8bfa3fc1495a6239b348cf57e075ef85
-
SHA512
a374339bdda2dea4a50aeba4fa86396d9099ead3302f69f460dc4d2bd971da7fd2bfe6cd533c51b130df8d9c1e869a607ddeda710ca830139cf5d185e6b67359
-
SSDEEP
3072:FsUaAUA7toYj3Bc8T828UAw1XiazCgaN8L2YAgIxE5j4oQU:8Axiaxc8Y28I1XiUq8sgVd
Malware Config
Targets
-
-
Target
aaeae6e5307ca0ed764d7fd8e0f5e4e8_JaffaCakes118
-
Size
164KB
-
MD5
aaeae6e5307ca0ed764d7fd8e0f5e4e8
-
SHA1
deee35964846de6fe0d4eb753fc47922917d7d36
-
SHA256
5ebfb2fe3d139701b25875cec72d2d3f8bfa3fc1495a6239b348cf57e075ef85
-
SHA512
a374339bdda2dea4a50aeba4fa86396d9099ead3302f69f460dc4d2bd971da7fd2bfe6cd533c51b130df8d9c1e869a607ddeda710ca830139cf5d185e6b67359
-
SSDEEP
3072:FsUaAUA7toYj3Bc8T828UAw1XiazCgaN8L2YAgIxE5j4oQU:8Axiaxc8Y28I1XiUq8sgVd
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2