General
-
Target
b9b2ad3870599bc1610affade03d3814_JaffaCakes118
-
Size
169KB
-
Sample
240823-a1zmvsyemm
-
MD5
b9b2ad3870599bc1610affade03d3814
-
SHA1
82bb8c54aea00fa14a82543621bdbbacf3693180
-
SHA256
5cb585e3a81891a2d9c5d4a24e4084cb0e41ee46f214802a4d53a753c6a78318
-
SHA512
2f0bdf39e9bfd866bebade88d4eb3fff46b89860ee19a30a2de655b71f4c498a5e0b47544e610babbc9db14bc3bf2c11f97760227907b84c9486914d3f20af88
-
SSDEEP
1536:ZbHwOBRXwx2ibTmQXMXBvUR5bOxyUpWaarEk:9LYxYQ5OxyUI5
Malware Config
Targets
-
-
Target
b9b2ad3870599bc1610affade03d3814_JaffaCakes118
-
Size
169KB
-
MD5
b9b2ad3870599bc1610affade03d3814
-
SHA1
82bb8c54aea00fa14a82543621bdbbacf3693180
-
SHA256
5cb585e3a81891a2d9c5d4a24e4084cb0e41ee46f214802a4d53a753c6a78318
-
SHA512
2f0bdf39e9bfd866bebade88d4eb3fff46b89860ee19a30a2de655b71f4c498a5e0b47544e610babbc9db14bc3bf2c11f97760227907b84c9486914d3f20af88
-
SSDEEP
1536:ZbHwOBRXwx2ibTmQXMXBvUR5bOxyUpWaarEk:9LYxYQ5OxyUI5
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2