General
-
Target
af41cff44d0347f01a87de68da7a28c8_JaffaCakes118
-
Size
156KB
-
Sample
240820-pv9yzasble
-
MD5
af41cff44d0347f01a87de68da7a28c8
-
SHA1
87c8706cd9864f9a91a21c45be6d567a7ca62466
-
SHA256
20d3919022cb05bf3cdf847baa51fe21e101b194f345eed7026c067b2023adc5
-
SHA512
d5c36c19694c0a3f19f078c6e9f75d1faa34c8b599924163b238a2d15d23c8af6eeab8645cb4269bec257e783255e4611678c2f001edb9fe88c3a3655d7eb0ed
-
SSDEEP
1536:0HkumpuYSBU8gRDGHPOGMmUbaxGAka+t/K9rCGaV9mw7Jqx8M+dzAb5QgRV8:DpuY0a4UbaxqkCGaVD7JqfKAb6o8
Malware Config
Targets
-
-
Target
af41cff44d0347f01a87de68da7a28c8_JaffaCakes118
-
Size
156KB
-
MD5
af41cff44d0347f01a87de68da7a28c8
-
SHA1
87c8706cd9864f9a91a21c45be6d567a7ca62466
-
SHA256
20d3919022cb05bf3cdf847baa51fe21e101b194f345eed7026c067b2023adc5
-
SHA512
d5c36c19694c0a3f19f078c6e9f75d1faa34c8b599924163b238a2d15d23c8af6eeab8645cb4269bec257e783255e4611678c2f001edb9fe88c3a3655d7eb0ed
-
SSDEEP
1536:0HkumpuYSBU8gRDGHPOGMmUbaxGAka+t/K9rCGaV9mw7Jqx8M+dzAb5QgRV8:DpuY0a4UbaxqkCGaVD7JqfKAb6o8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2