General
-
Target
c11bcb5692bfa98062cae9dda3a28c56_JaffaCakes118
-
Size
316KB
-
Sample
240825-tm5rhavarq
-
MD5
c11bcb5692bfa98062cae9dda3a28c56
-
SHA1
a16effa03bb0dd560f476e1c106d3c9292047661
-
SHA256
c93fd8db6631fa16ac23ac3b9a3d895269ce583811d6b8fb9bb40e38669a6b88
-
SHA512
5d3897da056d0d2c0bf746a673d7bc5018e5d3b989eff21a02d960cb307554bf9ad74310b8a48156775208b0a45d1cd9e90672fe2ab3928790df399b1359e41e
-
SSDEEP
6144:8M614wsq8gFV91GGGLVTmrshXj0MQH1DUhu1GJu+DODryKnKx:TqUgFV6Hm1JKx
Static task
static1
Behavioral task
behavioral1
Sample
c11bcb5692bfa98062cae9dda3a28c56_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c11bcb5692bfa98062cae9dda3a28c56_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c11bcb5692bfa98062cae9dda3a28c56_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)