General
-
Target
b12d09c854150021d20efe9b9be44caf_JaffaCakes118
-
Size
320KB
-
Sample
240820-2vvv9sxflh
-
MD5
b12d09c854150021d20efe9b9be44caf
-
SHA1
b634a4431818ebe86365d4c1ae68e7739e946ce8
-
SHA256
836483db1a355db0234e7734e3de2bf9953c20ac694b12d32e00be376aae1894
-
SHA512
002813a1d4afd83c9e19ff025936bd68e988de9e833502864bfea82a62091e7b693913afc76f859675c1a1b71cf89fdb7dacd4a3d220484aea30cce9a77a6005
-
SSDEEP
6144:YAearVccvg2N9rljS6/Vt6MwJD0i/pv8ZaROiixeq6N3sUjgHTvzfHuPwXKjK51:oafvg2N9R5+voeq6N3sv6O51
Malware Config
Targets
-
-
Target
b12d09c854150021d20efe9b9be44caf_JaffaCakes118
-
Size
320KB
-
MD5
b12d09c854150021d20efe9b9be44caf
-
SHA1
b634a4431818ebe86365d4c1ae68e7739e946ce8
-
SHA256
836483db1a355db0234e7734e3de2bf9953c20ac694b12d32e00be376aae1894
-
SHA512
002813a1d4afd83c9e19ff025936bd68e988de9e833502864bfea82a62091e7b693913afc76f859675c1a1b71cf89fdb7dacd4a3d220484aea30cce9a77a6005
-
SSDEEP
6144:YAearVccvg2N9rljS6/Vt6MwJD0i/pv8ZaROiixeq6N3sUjgHTvzfHuPwXKjK51:oafvg2N9R5+voeq6N3sv6O51
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2