General
Target: b7f9ef8d9e36b6138b0db49e261cd17a_JaffaCakes118
Size: 216KB
Sample: 240822-rpkg8s1gla
MD5: b7f9ef8d9e36b6138b0db49e261cd17a
SHA1: 4b1f3cb5bb487902a601b2fa57c5f6ad7645515a
SHA256: 4f76c604d99cd0887865ede510b6711a0f540249c15f8399aae2851c840e5ff4
SHA512: 89d9c6bf246f45d79883d4f466a835a1b57a42dd05b9dd90ab5effa696b56f71431aceddc96dae6540bb2212be8990e775db15c95c4f1a086e04fbf5ac7e436c
SSDEEP: 6144:f4duoDdJzpTlbwEhYKFIGuhtFaA6Tuyrj:fWxFJ+IIGusduy
Static task
static1
Behavioral task
behavioral1
Sample
b7f9ef8d9e36b6138b0db49e261cd17a_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b7f9ef8d9e36b6138b0db49e261cd17a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b7f9ef8d9e36b6138b0db49e261cd17a_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Defense Evasion
Hide Artifacts 1
Hidden Files and Directories 1
Modify Registry 2