General
-
Target
b3c7d4249a0457d93d630b42d6a8759f_JaffaCakes118
-
Size
240KB
-
Sample
240821-rhsj9swdlm
-
MD5
b3c7d4249a0457d93d630b42d6a8759f
-
SHA1
03be962c3456d3cb15b2298b58f0c5a6a226a92a
-
SHA256
7eb865faae0f7623ca9a9032ff8a5b8a57768c9d06cd30f5fbefdecb26561a88
-
SHA512
0972e4ccd514958fa4fd323b93f741fe45b4da87480964fdad831d0466287e58722e5c59cd50d8a1da7fd1f1b3bf836b12bf2e562994cee7dd6e1d4e70ceda33
-
SSDEEP
6144:Aw3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDy:AqdQKjeaEEp
Malware Config
Targets
-
-
Target
b3c7d4249a0457d93d630b42d6a8759f_JaffaCakes118
-
Size
240KB
-
MD5
b3c7d4249a0457d93d630b42d6a8759f
-
SHA1
03be962c3456d3cb15b2298b58f0c5a6a226a92a
-
SHA256
7eb865faae0f7623ca9a9032ff8a5b8a57768c9d06cd30f5fbefdecb26561a88
-
SHA512
0972e4ccd514958fa4fd323b93f741fe45b4da87480964fdad831d0466287e58722e5c59cd50d8a1da7fd1f1b3bf836b12bf2e562994cee7dd6e1d4e70ceda33
-
SSDEEP
6144:Aw3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDy:AqdQKjeaEEp
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2