General
-
Target
c0e7e10e9286376b42413661327eaea3_JaffaCakes118
-
Size
260KB
-
Sample
240825-re5qeszcrk
-
MD5
c0e7e10e9286376b42413661327eaea3
-
SHA1
9478270f7887305ff0e861b82d3c957423862464
-
SHA256
04d95c22666939f42eb9c0e598e63f6dc7aebb04a3225d3b473b76bc081d0fd0
-
SHA512
2636caf353112940a6d951719988530fd8b4430c6de2627939f2f786ecc40ca7f1bef3b6371f548f02486bc4cd2bd07417338640f848dcefc3ea2e70338f8fcc
-
SSDEEP
3072:VrNcPIDHQXftsa01SOq1RY4uJr/I5fEKcpGJsXS9M:XcPIDd+JleGJ99
Malware Config
Targets
-
-
Target
c0e7e10e9286376b42413661327eaea3_JaffaCakes118
-
Size
260KB
-
MD5
c0e7e10e9286376b42413661327eaea3
-
SHA1
9478270f7887305ff0e861b82d3c957423862464
-
SHA256
04d95c22666939f42eb9c0e598e63f6dc7aebb04a3225d3b473b76bc081d0fd0
-
SHA512
2636caf353112940a6d951719988530fd8b4430c6de2627939f2f786ecc40ca7f1bef3b6371f548f02486bc4cd2bd07417338640f848dcefc3ea2e70338f8fcc
-
SSDEEP
3072:VrNcPIDHQXftsa01SOq1RY4uJr/I5fEKcpGJsXS9M:XcPIDd+JleGJ99
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2