General
Target: b8b967e4a85ad9855ab032f1f44d4acc_JaffaCakes118
Size: 120KB
Sample: 240822-xelkfasbkg
MD5: b8b967e4a85ad9855ab032f1f44d4acc
SHA1: ec8582e69132fe6539c2d87ac5216b0d59285278
SHA256: 74959ca3547a99b3181aa514aa537053c09a19f37189dde678bdc5dc8a985c43
SHA512: 23d1d30df9858daaca99d1182bee96a5ea41d306060b966a67a676b983030779992b41e35d0af597f784d9dc02db89436702e9075a4122d74a97914569357e3b
SSDEEP: 768:L52y1EvsDZfGfhfqSy3/y3V3z378Ibih+aN1QFQiU+fP6dgSdgpdg+dgqFdgp2L9:LdYU8Jfql+ep1GQUzx5E1o7
Static task: static1
Behavioral task: behavioral1
  Sample: b8b967e4a85ad9855ab032f1f44d4acc_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: b8b967e4a85ad9855ab032f1f44d4acc_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: b8b967e4a85ad9855ab032f1f44d4acc_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)