General
-
Target
aef9334a4c675ca04c050597035b7cc7_JaffaCakes118
-
Size
204KB
-
Sample
240820-m65ghssbqq
-
MD5
aef9334a4c675ca04c050597035b7cc7
-
SHA1
115c00c6c401326ebbf3c4cf139d8d0f7329b5a7
-
SHA256
1d3c807ab52ad6e84d8329327348ec6a41d75636e8b4fd79d70dca17019ee85f
-
SHA512
94099d0adc718b6d6991653f8e895ed351488c14f1a50fd0b2f1be81c6fb7d1c3c69f5514af528707f845154d5501d4b4817fdc7960763d0c6d7c8669ff0183c
-
SSDEEP
3072:zu/SBYSTWor5Jp0AisM/8jp6tdlWbRVslWQifgO4F0SlD4:z/TWqJ+RsM/8E/IbRuLifI0SW
Static task
static1
Behavioral task
behavioral1
Sample
aef9334a4c675ca04c050597035b7cc7_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
aef9334a4c675ca04c050597035b7cc7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
aef9334a4c675ca04c050597035b7cc7_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)