General
-
Target
bf6babbd6d36a50a9f4de06ce2af8231_JaffaCakes118
-
Size
120KB
-
Sample
240824-z11mlazcpa
-
MD5
bf6babbd6d36a50a9f4de06ce2af8231
-
SHA1
4c8790edf55cc7fcbb0347f6e7923392fb256620
-
SHA256
a2cd28315799337d9b9097805c13d016ba12598bff8634e4f00d2bf5eb44f016
-
SHA512
26bfc403156dac366aa85359fcf07a88585dfce5a2855e05bc99771694d9a9cc6e8d8a516f806f8df93e22db9b65f46ab661593e428a8e4be7c4705ad0a23c70
-
SSDEEP
3072:hVCbZSukOY8hrJFVNM/N/5sfqDfwqpNzYsf:vork6hrJ3NON/5sG9NzYw
Malware Config
Targets
-
-
Target
bf6babbd6d36a50a9f4de06ce2af8231_JaffaCakes118
-
Size
120KB
-
MD5
bf6babbd6d36a50a9f4de06ce2af8231
-
SHA1
4c8790edf55cc7fcbb0347f6e7923392fb256620
-
SHA256
a2cd28315799337d9b9097805c13d016ba12598bff8634e4f00d2bf5eb44f016
-
SHA512
26bfc403156dac366aa85359fcf07a88585dfce5a2855e05bc99771694d9a9cc6e8d8a516f806f8df93e22db9b65f46ab661593e428a8e4be7c4705ad0a23c70
-
SSDEEP
3072:hVCbZSukOY8hrJFVNM/N/5sfqDfwqpNzYsf:vork6hrJ3NON/5sG9NzYw
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2