General
Target: bac12c42222ef87b0b81ee64776c9253_JaffaCakes118
Size: 212KB
Sample: 240823-hs7bqsshrl
MD5: bac12c42222ef87b0b81ee64776c9253
SHA1: d1a350c189b3e952b085b0641760712513a1c7d8
SHA256: 13ed76bb447bf6d3653040eedab34c701f4afbcd5b1ca61549aaa093da96b7d5
SHA512: ecc930a645763a048a78e0f31d3163834d0074dd39d9d79dca933bc809765329d22b1f1a092c830e0d3621b6b2d5418cdcbde4db7e51e47741a514354a523f56
SSDEEP: 6144:vO2OG4GkabKnvmb7/D26s7olvW47imsG7CgHE9roWkwGe5S:vOvP5abKnvmb7/D26l7jsGegHEC/P
Static task: static1
Behavioral task: behavioral1
Sample: bac12c42222ef87b0b81ee64776c9253_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: bac12c42222ef87b0b81ee64776c9253_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: bac12c42222ef87b0b81ee64776c9253_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings (looks up country code configured in the registry, likely geofence)
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2