General
-
Target
afce39fc95e0c21846a96202c99b3662_JaffaCakes118
-
Size
132KB
-
Sample
240820-s2mzkaterj
-
MD5
afce39fc95e0c21846a96202c99b3662
-
SHA1
94c496612ca2c10f0b1e9fb71ae2192599cd19c9
-
SHA256
8354220de9015fb535e01a03467999fe02c4596df21eb72690d2fcd7bdb3ade2
-
SHA512
1e8dda30ec957b575807cfd5fec4b803acf3a8d2daded4a2ff488dfa42f5d4e9bb0c2f0055056ba78236dc163b262a6b6ad0c2f0ec1f58d9ee107c2caa2b51c5
-
SSDEEP
1536:si1Zyiu8FIIKZrDJxtJu9uRiIelOQ212IE6jDSUaWpsE4BjP4YTysOkt5ycQg:zZy8Q89uRvsW6EqysOyLX
Malware Config
Targets
-
-
Target
afce39fc95e0c21846a96202c99b3662_JaffaCakes118
-
Size
132KB
-
MD5
afce39fc95e0c21846a96202c99b3662
-
SHA1
94c496612ca2c10f0b1e9fb71ae2192599cd19c9
-
SHA256
8354220de9015fb535e01a03467999fe02c4596df21eb72690d2fcd7bdb3ade2
-
SHA512
1e8dda30ec957b575807cfd5fec4b803acf3a8d2daded4a2ff488dfa42f5d4e9bb0c2f0055056ba78236dc163b262a6b6ad0c2f0ec1f58d9ee107c2caa2b51c5
-
SSDEEP
1536:si1Zyiu8FIIKZrDJxtJu9uRiIelOQ212IE6jDSUaWpsE4BjP4YTysOkt5ycQg:zZy8Q89uRvsW6EqysOyLX
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2