General
Target: bd8e61a75d41c7f3b2a8b701b4341cc2_JaffaCakes118
Size: 252KB
Sample: 240823-3en88atarg
MD5: bd8e61a75d41c7f3b2a8b701b4341cc2
SHA1: e5f81b00ea48b5f510b944c2fb837234cfe56d36
SHA256: b0edec3fd151af74def652d8c83a72fc75b1837ab04c73f4a49945285ed2d9b7
SHA512: 0e1dae8801a740f00bd5ccd75d3940f6d3641f3efbd79e91194f2743cc443c46ac044d4ab81e67fce10cc75176982a08e64027f6ed7b17deacca4e9bf6727c86
SSDEEP: 6144:8ml7FNnnPbuxN8b7giqR20NGNccko5Knvmb7/D26i02maSTOarRfG:fl7FNnjuxN8cGNccko5Knvmb7/D26i0Y
Static task: static1
Behavioral task: behavioral1
Sample: bd8e61a75d41c7f3b2a8b701b4341cc2_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bd8e61a75d41c7f3b2a8b701b4341cc2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: bd8e61a75d41c7f3b2a8b701b4341cc2_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2