General
Target
b8f72451edc884702ba5316ebc2e0537_JaffaCakes118
Size
252KB
Sample
240822-yt3ypsxhpq
MD5
b8f72451edc884702ba5316ebc2e0537
SHA1
be9820c208840d50c242c0ceb5046a29bf98a2f4
SHA256
aca70309cc6b12f87b13da56aedb9d59cff0e85b40005c3abb4d6c9b6581a8de
SHA512
9c51184c0a4d244eb4c1f3f1d66d98303ea2529b10eba9a159e097b9ec7b8480d8cff9d69fe7bd8eec7b569eb980fb27499d1e635985302aa9a23a712638ce03
SSDEEP
3072:Cv75FPhhh1d1Hz0IeTsjXcvnHZi1r5w/ihLkbM6HVJMVH6JYTdUAgQxhd:yHZ9dlzkwDU4w/iyM6HG6JYxVF
Static task
static1
Behavioral task
behavioral1
Sample
b8f72451edc884702ba5316ebc2e0537_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b8f72451edc884702ba5316ebc2e0537_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
b8f72451edc884702ba5316ebc2e0537_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)