General
Target: c97da4a66207b80574fccea42cf2bb94_JaffaCakes118
Size: 284KB
Sample: 240829-yarfkazarn
MD5: c97da4a66207b80574fccea42cf2bb94
SHA1: 99aaeac392924f03a499dbb33ccba81fecc3fda3
SHA256: 4a40fe7372e7bf1cd31a6ab13d266f596a2da97ee2f38eacee2b543d533137fb
SHA512: a057415b2a3aa2e66417f0406c36f0d4c36a60c358ab534e0b41a5571c6e81e929eb25be49133543fc4aa45d493e369b49497d317ffe6294829ee0b0c20d2b7f
SSDEEP: 6144:4U6QcxQRhNyKQ9ezwA2Rv4gnw+lJVomcEk9dk/FLGY+Kt/dPLsx02Gf6vIqGnuT9:CjVIrbQdnHcllaXYDoDM3fiUa
Static task: static1
Behavioral task: behavioral1
Sample: c97da4a66207b80574fccea42cf2bb94_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c97da4a66207b80574fccea42cf2bb94_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c97da4a66207b80574fccea42cf2bb94_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
    Boot or Logon Autostart Execution (1)
        Registry Run Keys / Startup Folder (1)
Defense Evasion
    Hide Artifacts (1)
        Hidden Files and Directories (1)
    Modify Registry (2)