General
-
Target
b8283ae74dabf2958712718f005e6243_JaffaCakes118
-
Size
268KB
-
Sample
240822-svsw8sxamr
-
MD5
b8283ae74dabf2958712718f005e6243
-
SHA1
6900f188ebc331a2ff12b0cc4303d093f1e622c1
-
SHA256
d40c38f291f32e425f15191c78cdf919686de5e07832d5e8d7046d34de6bff85
-
SHA512
5c184c67ad00e9b3b673780c86932412f9066e881e411200ebe01d9e32d668f594a7a8db934a77f256546bb018d9ad316f93eb5f035ec448256c5b2f99aab23d
-
SSDEEP
6144:hKZgsPHPr5dFvW8HGzNz8I4vDWsQXnByGcSnuXLH6MJ:IjPHVdFvW8Hu/4vDKXnByLXLn
Malware Config
Targets
-
-
Target
b8283ae74dabf2958712718f005e6243_JaffaCakes118
-
Size
268KB
-
MD5
b8283ae74dabf2958712718f005e6243
-
SHA1
6900f188ebc331a2ff12b0cc4303d093f1e622c1
-
SHA256
d40c38f291f32e425f15191c78cdf919686de5e07832d5e8d7046d34de6bff85
-
SHA512
5c184c67ad00e9b3b673780c86932412f9066e881e411200ebe01d9e32d668f594a7a8db934a77f256546bb018d9ad316f93eb5f035ec448256c5b2f99aab23d
-
SSDEEP
6144:hKZgsPHPr5dFvW8HGzNz8I4vDWsQXnByGcSnuXLH6MJ:IjPHVdFvW8Hu/4vDKXnByLXLn
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2