General
Target: afc94d01101a120f0aceb074b6e539cb_JaffaCakes118
Size: 100KB
Sample: 240820-syhwfatdmn
MD5: afc94d01101a120f0aceb074b6e539cb
SHA1: 00c819af68104bfcf394625cff3ad9108df47274
SHA256: 818f899dd6a14a7daf4e556d42cc05325aa53a2ccedd7ca8229e8eecbec61edf
SHA512: ff1633d1807cdcf607c4c832c5cb23ae8bcd88ad648ece81a234adcbb9bd6c4e78ef9d6bb2e4f921320af8c9f3b652749531f710abe8708544b5fadc7206594a
SSDEEP: 1536:BUtGk82NTzwJu2MGAc4ohrPXo+73Rez8b0Sy2NIjnZMd:KwuurPX7C2Cned
Static task: static1
Behavioral task: behavioral1
Sample: afc94d01101a120f0aceb074b6e539cb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: afc94d01101a120f0aceb074b6e539cb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: afc94d01101a120f0aceb074b6e539cb_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2