General
-
Target
c7efc281eb06b632709a9d2aa8882419_JaffaCakes118
-
Size
228KB
-
Sample
240829-a1f6hswhjm
-
MD5
c7efc281eb06b632709a9d2aa8882419
-
SHA1
3a74df9c84cea4ef945cb4962a7ade972a2c2498
-
SHA256
51fc8416a7963fa904ab14bd2edc575e634054af4ce0fb8f27dfa4ff22d87216
-
SHA512
7db28f111f208a9b90d336ed6029834e5433c2b66a3505ad6c0a69abacb686fa520ea3f9214d6eeeeec62cac7d68cb22c074d0acaa33a3ec0a86bec87efc0ef0
-
SSDEEP
6144:xqhXbU7akpWm0/mnn7ruTbio1We0xOodpBL:x+LQpWm0/mnn7ruTbio1We0xOodpx
Static task
static1
Behavioral task
behavioral1
Sample
c7efc281eb06b632709a9d2aa8882419_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c7efc281eb06b632709a9d2aa8882419_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c7efc281eb06b632709a9d2aa8882419_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2