General
-
Target
c240198f315ec1e732eb865c4dd880eb_JaffaCakes118
-
Size
156KB
-
Sample
240826-epntfatgkd
-
MD5
c240198f315ec1e732eb865c4dd880eb
-
SHA1
5bf3619f0a14e19d3b7693c6a6d75b18bc6de3b4
-
SHA256
5bd872572793e882694199dd9362b5a4b01087249d8d4673e6845764108fb3a2
-
SHA512
81bf98caf55b176f3e54126a25798fecf276f628b10e111419240e3432f7a62eda119e8f31b4376893307511f4cdb82aef47a020bb6d4d558d3defc63ab58355
-
SSDEEP
3072:kUfb72L2wmM39vJhjmRMKGOMztubDqrmhX1yjdL1qE5j4oQC:BT22wmMtRfXZm1gpNd3
Static task
static1
Behavioral task
behavioral1
Sample
c240198f315ec1e732eb865c4dd880eb_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c240198f315ec1e732eb865c4dd880eb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2