General
-
Target
ac499e4b718d2c8acca7be8f22478463_JaffaCakes118
-
Size
236KB
-
Sample
240819-x9sl8ssbkb
-
MD5
ac499e4b718d2c8acca7be8f22478463
-
SHA1
01ef811bfa4a14006e3b41c3dcf5498589db48ec
-
SHA256
614768866ea0d305763ea25f0867cd597b495eec0de9108f26da798ff0fd2bba
-
SHA512
877ccbc088cb79f3e37e82feb12aca4e51c61d321333bc37f57b16467ee3892bb3763d24d2bf378e7fe5419321956f22da03c1ed711e5514a880c30187373801
-
SSDEEP
6144:XsaKCiUNxlBDe2WmHioZW+ZigxpEJAYyXSWIc9sKB+:ckLlBDeLmHioZWEigxpYAYlbc9TB
Static task
static1
Behavioral task
behavioral1
Sample
ac499e4b718d2c8acca7be8f22478463_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
ac499e4b718d2c8acca7be8f22478463_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ac499e4b718d2c8acca7be8f22478463_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2