General
Target
b0e4ea43438a853ff1a988c74889793b_JaffaCakes118
Size
364KB
Sample
240820-z9kyhatfre
MD5
b0e4ea43438a853ff1a988c74889793b
SHA1
e2608fd7fbe62422b30c07769c46f7fc4084958d
SHA256
a1020259c9bcc57dde2c823dcd57b724ed08af8de9a396e8a4180165bb0b751c
SHA512
388926e6d166602b8c75e47faadb6b10305fc495a610b90d01324836f3cf264f4f13b2c43c9969e83960475b95a22a31fdb42c1e62c6e4c44ebc9362404ed58a
SSDEEP
3072:MWGAiXP9oJuGEnvBGHplTOoX56B4uE7U4iy+LwldhzNkYMvMZqvR2Z6toRG9DOsS:29GuPnvBUxYJxwphkYMvMZEDO
Static task
static1
Behavioral task
behavioral1
Sample
b0e4ea43438a853ff1a988c74889793b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b0e4ea43438a853ff1a988c74889793b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b0e4ea43438a853ff1a988c74889793b_JaffaCakes118
Score
10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2