General
Target: afe58cc630443312152dce742c796a3e_JaffaCakes118
Size: 140KB
Sample: 240820-tj6vds1dnc
MD5: afe58cc630443312152dce742c796a3e
SHA1: 3666020d8ce51e5dffa6f4a55990621da1f9053a
SHA256: b4f11f45e1b34a33e871f8a15688c0eeb24d22a999ecb468eeade571834c323f
SHA512: 301cd968f658111fcf235d0908db520893c2ca3d963bb801c660744a77074f864047bd03f49c3224716f08bea490fcb6804402f24a051aec59e6279173aa7926
SSDEEP: 3072:Neg686HVwpJunwUZ6a7a6+kS4AGc2vCLx53RmJesQ:Nm861wpJs/BFS1GcIExdRgesQ
Static task: static1
Behavioral task: behavioral1
Sample: afe58cc630443312152dce742c796a3e_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: afe58cc630443312152dce742c796a3e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: afe58cc630443312152dce742c796a3e_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)