General
-
Target
b338637b8ebc13fa814c8e07734da7eb_JaffaCakes118
-
Size
120KB
-
Sample
240821-m6532sydnj
-
MD5
b338637b8ebc13fa814c8e07734da7eb
-
SHA1
4294fa1e7d35062480a3566e8f81d94dbd25593d
-
SHA256
c92f6b57d1434162e3d75522b0469271333ad1d474c455f405125eccf4930789
-
SHA512
dfe7287af1b885b4d40a48bf802010f18958fe0f6fd99d0f055a0ce7ee62b0c90f5a2d80c9acb79bc1e7125fa91b63ba0dd14e084ac9c2812d185d996c6edba3
-
SSDEEP
768:bUrdbLYRnc/XOXVLW2qZ1RisVDaWGNMMMNMUF7//mk8KacrZxbjARZO+d1PK:AVscvwNWhZ1X7//mkjZxbURZO+d5
Malware Config
Targets
-
-
Target
b338637b8ebc13fa814c8e07734da7eb_JaffaCakes118
-
Size
120KB
-
MD5
b338637b8ebc13fa814c8e07734da7eb
-
SHA1
4294fa1e7d35062480a3566e8f81d94dbd25593d
-
SHA256
c92f6b57d1434162e3d75522b0469271333ad1d474c455f405125eccf4930789
-
SHA512
dfe7287af1b885b4d40a48bf802010f18958fe0f6fd99d0f055a0ce7ee62b0c90f5a2d80c9acb79bc1e7125fa91b63ba0dd14e084ac9c2812d185d996c6edba3
-
SSDEEP
768:bUrdbLYRnc/XOXVLW2qZ1RisVDaWGNMMMNMUF7//mk8KacrZxbjARZO+d1PK:AVscvwNWhZ1X7//mkjZxbURZO+d5
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2