General
-
Target
b596f355cf098891facb16c024176633_JaffaCakes118
-
Size
116KB
-
Sample
240822-agyw8asarl
-
MD5
b596f355cf098891facb16c024176633
-
SHA1
78f789d6305f4377655ae99fe96d2243ce1ec545
-
SHA256
80a3093ead3869daf97ab368193d0bcc048bc5cb174894b242fa49a86ffd06cd
-
SHA512
ea52addbc855334def03199cb1dc3b6b1902fbb67b9ea0b26edb642161f19462244ef578c163abced6ccd559ef2b1e3ced4db1e25f2633350723a50e440d63fc
-
SSDEEP
1536:s+pxoUL++W/SK8Kw6KBOIW4Z8HO1Zwt0f4HeDUEdMOPy9sbgNLwo7JaSi:PpRi+WrfIr1ZNDUEdawQU
Malware Config
Targets
-
-
Target
b596f355cf098891facb16c024176633_JaffaCakes118
-
Size
116KB
-
MD5
b596f355cf098891facb16c024176633
-
SHA1
78f789d6305f4377655ae99fe96d2243ce1ec545
-
SHA256
80a3093ead3869daf97ab368193d0bcc048bc5cb174894b242fa49a86ffd06cd
-
SHA512
ea52addbc855334def03199cb1dc3b6b1902fbb67b9ea0b26edb642161f19462244ef578c163abced6ccd559ef2b1e3ced4db1e25f2633350723a50e440d63fc
-
SSDEEP
1536:s+pxoUL++W/SK8Kw6KBOIW4Z8HO1Zwt0f4HeDUEdMOPy9sbgNLwo7JaSi:PpRi+WrfIr1ZNDUEdawQU
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2