General
-
Target
b4808dd6283950b48bdef9de512117dd_JaffaCakes118
-
Size
124KB
-
Sample
240821-wtq8sswhmq
-
MD5
b4808dd6283950b48bdef9de512117dd
-
SHA1
1fec8ce0608e0e52b1a2bf060ce196069883adf3
-
SHA256
d5d2f0311dc06a7419fdb9dcc03782e3e4f344285e66c12ade7212d60bff00a8
-
SHA512
4ef5bd145c447d61aff239912a1876a7ef8b9a5ac10bc6f784be845835f677ecec61001da6b9eb2e134aa7c914e7f4eb086afab8093035e0b04e3d6cbfec7259
-
SSDEEP
1536:56EFhwRRuBxeDtMYHa27J14ltxporZ45i8NeG0h/l:QEFhwRRkeV6gJ1uCt45yt
Static task
static1
Behavioral task
behavioral1
Sample
b4808dd6283950b48bdef9de512117dd_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b4808dd6283950b48bdef9de512117dd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b4808dd6283950b48bdef9de512117dd_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2