General
-
Target
bdd4cc3db4f1cd008d92fecc1323fb18_JaffaCakes118
-
Size
792KB
-
Sample
240824-d2g1zstbjr
-
MD5
bdd4cc3db4f1cd008d92fecc1323fb18
-
SHA1
0f5054ead0721a9197daef82a52120d8e58f5211
-
SHA256
771b17b8bd7f1a10429d713e30526135a814ee181b38210bcf72439fba3d2993
-
SHA512
2072e89de85b606c1a4e88b7e5177d907165d05b393be72721c3ff7eb8a228e3de773e867e3db06164118696f338c2395cc40ed87543345a9c6bffeb509fe2b4
-
SSDEEP
24576:C6rTTrLZt640HYTIegYgAAldoCXJK/KbhKMB:CCTPRmqAXoC80YM
Malware Config
Targets
-
-
Target
bdd4cc3db4f1cd008d92fecc1323fb18_JaffaCakes118
-
Size
792KB
-
MD5
bdd4cc3db4f1cd008d92fecc1323fb18
-
SHA1
0f5054ead0721a9197daef82a52120d8e58f5211
-
SHA256
771b17b8bd7f1a10429d713e30526135a814ee181b38210bcf72439fba3d2993
-
SHA512
2072e89de85b606c1a4e88b7e5177d907165d05b393be72721c3ff7eb8a228e3de773e867e3db06164118696f338c2395cc40ed87543345a9c6bffeb509fe2b4
-
SSDEEP
24576:C6rTTrLZt640HYTIegYgAAldoCXJK/KbhKMB:CCTPRmqAXoC80YM
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
1