General
-
Target
b250f9909db363d2e6d47582b271e56d_JaffaCakes118
-
Size
132KB
-
Sample
240821-gjzpvsweqj
-
MD5
b250f9909db363d2e6d47582b271e56d
-
SHA1
b526ee89432ee43a04cd7e2916c25fd7501dc478
-
SHA256
47680bb83784810400ada717cc1433c6cccd336c20b0f99cc90c9b7ae6a409b5
-
SHA512
38a6f3fbd6ee9cf1689fd2abb74ad8dd61e63aae33daefec96dc5393860983346776a872c98603c454da08c47aa6b01f336cde2f458ec080bc2c33e4d60d7da6
-
SSDEEP
1536:xXm4x/T2H6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:zx/T2H63qEbBkn4e2s/HmlTfdwQL
Malware Config
Targets
-
-
Target
b250f9909db363d2e6d47582b271e56d_JaffaCakes118
-
Size
132KB
-
MD5
b250f9909db363d2e6d47582b271e56d
-
SHA1
b526ee89432ee43a04cd7e2916c25fd7501dc478
-
SHA256
47680bb83784810400ada717cc1433c6cccd336c20b0f99cc90c9b7ae6a409b5
-
SHA512
38a6f3fbd6ee9cf1689fd2abb74ad8dd61e63aae33daefec96dc5393860983346776a872c98603c454da08c47aa6b01f336cde2f458ec080bc2c33e4d60d7da6
-
SSDEEP
1536:xXm4x/T2H6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:zx/T2H63qEbBkn4e2s/HmlTfdwQL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2