General
-
Target
b3094d38fcadda0ab26a5e7b4b267a20_JaffaCakes118
-
Size
100KB
-
Sample
240821-l37a9sscre
-
MD5
b3094d38fcadda0ab26a5e7b4b267a20
-
SHA1
d8bdb6e9565b56d8762db565f8d9cc962882411e
-
SHA256
ce4e5709847c84d1fe2284ba28ac921ac55bf4231ed73a45f74b12406c478584
-
SHA512
25104de85d9ac55afdfe3ffe4d8d9502a971ac68605643769012f8e97e68740d47c01cc12c0d71f9df65259f8ebb7d97cf12629dbc6258295d9d39f2bcb71276
-
SSDEEP
1536:h4tGz82NTzw0MGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:9wDurPX7CKCnlJ
Malware Config
Targets
-
-
Target
b3094d38fcadda0ab26a5e7b4b267a20_JaffaCakes118
-
Size
100KB
-
MD5
b3094d38fcadda0ab26a5e7b4b267a20
-
SHA1
d8bdb6e9565b56d8762db565f8d9cc962882411e
-
SHA256
ce4e5709847c84d1fe2284ba28ac921ac55bf4231ed73a45f74b12406c478584
-
SHA512
25104de85d9ac55afdfe3ffe4d8d9502a971ac68605643769012f8e97e68740d47c01cc12c0d71f9df65259f8ebb7d97cf12629dbc6258295d9d39f2bcb71276
-
SSDEEP
1536:h4tGz82NTzw0MGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:9wDurPX7CKCnlJ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2