General
-
Target
c0646413d90e99f68e116a44e80da22c_JaffaCakes118
-
Size
180KB
-
Sample
240825-kzb6aaxflr
-
MD5
c0646413d90e99f68e116a44e80da22c
-
SHA1
d73f697cd1ec1a253a6a4a66e715046c0f6442d5
-
SHA256
0b6bbad09a33029b42d9380fb18f9397ac4354331dc383cf8a0908b7085a3835
-
SHA512
d232930a117fb2346eb25160b653aa70cb5baaf7e21182abbb754ecea3d5431608e01e9a4ed2bff01e92349d6afc96bcf2dfbb4d6b7547cdc0023b8833f49182
-
SSDEEP
1536:b+XUldcxKc8NMgeGU4AeGL0TxpKwmf8y0IpWur+2RPFYSUxBphFWGh:aEfcSg4dgxkcrhRVUHFWG
Static task
static1
Behavioral task
behavioral1
Sample
c0646413d90e99f68e116a44e80da22c_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
c0646413d90e99f68e116a44e80da22c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c0646413d90e99f68e116a44e80da22c_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)