General
-
Target
c7be519c94b15aae11a1a68740514558_JaffaCakes118
-
Size
140KB
-
Sample
240828-15xl6sygld
-
MD5
c7be519c94b15aae11a1a68740514558
-
SHA1
0e887e4c4a0be1ed1820a99ccc962f08dc37058f
-
SHA256
39fea71067b1ce4966e1680978522005ce2fe74ced61d1cd5d54f8ed1817ef44
-
SHA512
e89cb2319c79611027eff44cc58ba931c017b7c1cfaab74d861d78a264f9eb8ca341ca87d119ff06591ad677b13dc43d2b7aadce062f22b709e0501410a52492
-
SSDEEP
3072:Ll2rglgJ5kD73mQtFDPB1P85XvbM7h8bdaqmRIxqeHHNMOiRSO:Lsr6gJQ72QtFDPB1P85Xvw7h8boqfqe+
Static task
static1
Behavioral task
behavioral1
Sample
c7be519c94b15aae11a1a68740514558_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c7be519c94b15aae11a1a68740514558_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
c7be519c94b15aae11a1a68740514558_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)