General
-
Target
b6d2b3eab9333209711fc948aaf41994_JaffaCakes118
-
Size
152KB
-
Sample
240822-h994ysveja
-
MD5
b6d2b3eab9333209711fc948aaf41994
-
SHA1
98cf401470d1299653820d95e21c037b6e67d560
-
SHA256
5b7e7ddba3f7c6b8457f8fc055277f0b4ac9bbd10e576dd24bb76a8fee34a7ec
-
SHA512
d4b0fcc23b8528e59b04f3883322f74b862a4f70bf81f37548b30000bfb114a4351fd56d7c82517ca8c2eac18747bd88d3fe47747b9124578406d2b3b184ebc8
-
SSDEEP
3072:Urdsw38Yo8KvAmRPveYlUq/kzPi0gEr+YsBYPAZ1KHiLwcIaZ154oQZiEbeE:AMYvEGaUq8iHEXsCJR8ZdWX
Malware Config
Targets
-
-
Target
b6d2b3eab9333209711fc948aaf41994_JaffaCakes118
-
Size
152KB
-
MD5
b6d2b3eab9333209711fc948aaf41994
-
SHA1
98cf401470d1299653820d95e21c037b6e67d560
-
SHA256
5b7e7ddba3f7c6b8457f8fc055277f0b4ac9bbd10e576dd24bb76a8fee34a7ec
-
SHA512
d4b0fcc23b8528e59b04f3883322f74b862a4f70bf81f37548b30000bfb114a4351fd56d7c82517ca8c2eac18747bd88d3fe47747b9124578406d2b3b184ebc8
-
SSDEEP
3072:Urdsw38Yo8KvAmRPveYlUq/kzPi0gEr+YsBYPAZ1KHiLwcIaZ154oQZiEbeE:AMYvEGaUq8iHEXsCJR8ZdWX
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2