General
-
Target
bf619fbf2ba01e5c3d97ed3e59f78d25_JaffaCakes118
-
Size
88KB
-
Sample
240824-zmjrxsyeka
-
MD5
bf619fbf2ba01e5c3d97ed3e59f78d25
-
SHA1
9f8e60946e3d93156110c4ef3392222518b3da18
-
SHA256
57093f4084db4a3c334a247e0d3748c87a9329e2de8d3994431bcee9bbf3c280
-
SHA512
0569e0198afbd16b94b2305084a0253efb5f2ece8042a98eeeb8ca97c01e0de4388167d3a7273a53caa3da060f86a8f8544d1aec2887ef30cdcc312ee715947d
-
SSDEEP
768:rDFIfMecsddaqnObOasGEwU8Z1Rbe2kjEQJQ1H7a8zFkzqcweI65YR:lIEZiCU8Z1QjEQJecwen
Static task
static1
Behavioral task
behavioral1
Sample
bf619fbf2ba01e5c3d97ed3e59f78d25_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bf619fbf2ba01e5c3d97ed3e59f78d25_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
bf619fbf2ba01e5c3d97ed3e59f78d25_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)