General
-
Target
bb51612d1edb35df080028dd1aac589b_JaffaCakes118
-
Size
60KB
-
Sample
240823-l96y3syapd
-
MD5
bb51612d1edb35df080028dd1aac589b
-
SHA1
8f8b36318f7501ddf2677098a654e18716557257
-
SHA256
99d181e2a001720a2d65ea977993ab525135e652961f7d74e64422f018ba6a17
-
SHA512
954bf235706157abe469dcf026e2f7d53948e76bee8b3716475904b1f377f19f38f2509f97c0b9649ade71422b8b1bc1837e9076cc1cbd0f89f7270b1ba8226b
-
SSDEEP
768:+7SpCTLYxhIPBryUmU6tI4UBndTaDyNMRzEQU5e3bw1o+ZuW4Vr:+7ZPGidjCCndTuyNMS3cw1o+ZsVr
Malware Config
Targets
-
-
Target
bb51612d1edb35df080028dd1aac589b_JaffaCakes118
-
Size
60KB
-
MD5
bb51612d1edb35df080028dd1aac589b
-
SHA1
8f8b36318f7501ddf2677098a654e18716557257
-
SHA256
99d181e2a001720a2d65ea977993ab525135e652961f7d74e64422f018ba6a17
-
SHA512
954bf235706157abe469dcf026e2f7d53948e76bee8b3716475904b1f377f19f38f2509f97c0b9649ade71422b8b1bc1837e9076cc1cbd0f89f7270b1ba8226b
-
SSDEEP
768:+7SpCTLYxhIPBryUmU6tI4UBndTaDyNMRzEQU5e3bw1o+ZuW4Vr:+7ZPGidjCCndTuyNMS3cw1o+ZsVr
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2