General
-
Target
c26bcfd1a036cd48310206c54941d4fc_JaffaCakes118
-
Size
156KB
-
Sample
240826-gtk98ayepd
-
MD5
c26bcfd1a036cd48310206c54941d4fc
-
SHA1
87300c65b06c1bda09e02cf4a199b6b32d6db2f4
-
SHA256
a4c0761f85eab92152e35350e78ca603074f789f8263f06223fa39e24598753d
-
SHA512
408d749bbfa4d38dc98457787699f869c1251a1a9b7ca0a5b273a5e81c46afa8133dfde49a0f9c51241504a0ac74e9794584191cc5832190500706a5532b68f7
-
SSDEEP
1536:1sYdImIRnWuBU8g5DGHPOGrwUbaxGAka+tHK9rCGaVkmwHnuqx8MOdzAbKQgRV8:1IRnWoaNUbaxqECGaVKHuqL6Abzo8
Malware Config
Targets
-
-
Target
c26bcfd1a036cd48310206c54941d4fc_JaffaCakes118
-
Size
156KB
-
MD5
c26bcfd1a036cd48310206c54941d4fc
-
SHA1
87300c65b06c1bda09e02cf4a199b6b32d6db2f4
-
SHA256
a4c0761f85eab92152e35350e78ca603074f789f8263f06223fa39e24598753d
-
SHA512
408d749bbfa4d38dc98457787699f869c1251a1a9b7ca0a5b273a5e81c46afa8133dfde49a0f9c51241504a0ac74e9794584191cc5832190500706a5532b68f7
-
SSDEEP
1536:1sYdImIRnWuBU8g5DGHPOGrwUbaxGAka+tHK9rCGaVkmwHnuqx8MOdzAbKQgRV8:1IRnWoaNUbaxqECGaVKHuqL6Abzo8
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2