General
-
Target
bc0764fab9e586b0ae4e59a26ce3a954_JaffaCakes118
-
Size
88KB
-
Sample
240823-rclvjayane
-
MD5
bc0764fab9e586b0ae4e59a26ce3a954
-
SHA1
cee782e4a5aa89e7b9d8c702775d497b372603ee
-
SHA256
f071790e510f10b2a40f3bc3c0cdda5fe8c6ea3914aedce366620d0e32272022
-
SHA512
a5bf50db3a479c7f2b681465d2803bf06b8149ebae3b35d7c0d05d9ec42b3b2dfd802d359c15bc2ff85733bbafa8c480892a9db74bdc400ef86e696a5a46e2c9
-
SSDEEP
768:ZtsceqCgcCvPi7Wx8SRl5HcJR0t20rdg8hUPjvY4dW4dsoeKpAdDY4BO0BCZc/UW:rjeOi7K1RPnQpBeCZk1
Malware Config
Targets
-
-
Target
bc0764fab9e586b0ae4e59a26ce3a954_JaffaCakes118
-
Size
88KB
-
MD5
bc0764fab9e586b0ae4e59a26ce3a954
-
SHA1
cee782e4a5aa89e7b9d8c702775d497b372603ee
-
SHA256
f071790e510f10b2a40f3bc3c0cdda5fe8c6ea3914aedce366620d0e32272022
-
SHA512
a5bf50db3a479c7f2b681465d2803bf06b8149ebae3b35d7c0d05d9ec42b3b2dfd802d359c15bc2ff85733bbafa8c480892a9db74bdc400ef86e696a5a46e2c9
-
SSDEEP
768:ZtsceqCgcCvPi7Wx8SRl5HcJR0t20rdg8hUPjvY4dW4dsoeKpAdDY4BO0BCZc/UW:rjeOi7K1RPnQpBeCZk1
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2