General
Target: c8832a22a34fd5eba716a881a718e110_JaffaCakes118
Size: 240KB
Sample: 240829-ksktvasfne
MD5: c8832a22a34fd5eba716a881a718e110
SHA1: 2139a81c478a1e190d7f4bb8f5173104fa21868a
SHA256: 9e3d5ad7e261bc0e727563301b89c56171e45a9c280b625fe573a3ae3a3f30bc
SHA512: 850df6b1efc5efe3102f8d1d3cfb3cd87a6b4ca1442877563224318fa2fc1462ed185cb41522b218817020b17e37772932e0b3b56b6e5b076bb6af7b76a30c11
SSDEEP: 6144:DUy3dwqsNwemAB0EqxF6snji81RUinKchhycSQ:hdQQJs7
Static task: static1
Behavioral task: behavioral1
Sample: c8832a22a34fd5eba716a881a718e110_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c8832a22a34fd5eba716a881a718e110_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c8832a22a34fd5eba716a881a718e110_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2