General
-
Target
b4e87952066b1707b308dc1b2ad13e28_JaffaCakes118
-
Size
364KB
-
Sample
240821-y59wdssdrk
-
MD5
b4e87952066b1707b308dc1b2ad13e28
-
SHA1
a7e7be92beb9f1c521c74cc46723342ea6daadd0
-
SHA256
66b1da4c304c524360389d8ef1a8a270d522d1fbe007d367c1527b4a10212903
-
SHA512
612b0ed57bc53afd4bc9b922958b3ffce1fda4c788829f087d10b3e2f32cb75e3afecdffc0de0edd90c75073fcc9885cae00e713df4b342ab8f8848be5dc1dd7
-
SSDEEP
3072:HdGAiXP90JuGEnvBlHplTOoX56B4uE7U4iy+LwldhzNkYMvMZqvREJH7T6toRG9a:e9yuPnvBBxYJxwphkYMvMZCDOZ
Malware Config
Targets
-
-
Target
b4e87952066b1707b308dc1b2ad13e28_JaffaCakes118
-
Size
364KB
-
MD5
b4e87952066b1707b308dc1b2ad13e28
-
SHA1
a7e7be92beb9f1c521c74cc46723342ea6daadd0
-
SHA256
66b1da4c304c524360389d8ef1a8a270d522d1fbe007d367c1527b4a10212903
-
SHA512
612b0ed57bc53afd4bc9b922958b3ffce1fda4c788829f087d10b3e2f32cb75e3afecdffc0de0edd90c75073fcc9885cae00e713df4b342ab8f8848be5dc1dd7
-
SSDEEP
3072:HdGAiXP90JuGEnvBlHplTOoX56B4uE7U4iy+LwldhzNkYMvMZqvREJH7T6toRG9a:e9yuPnvBBxYJxwphkYMvMZCDOZ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2