General
-
Target
ce5ba103cce4c9da3d0842e8fded5ada_JaffaCakes118
-
Size
216KB
-
Sample
240906-b3vblazdjc
-
MD5
ce5ba103cce4c9da3d0842e8fded5ada
-
SHA1
16fca05b74518d4e480a09d26b9f79420b76bd26
-
SHA256
b1816c5217dbbb2dbc29cee0c014c4a5f93c03d756ea9e44e156e7dd0aa4b541
-
SHA512
f62579c00b65951a6f18b45f7dbcfeb7a4c52f674c172435837905a850247bbf9bb48abc78307bfe99bf667c1ee78df87c3a820c99c691e09216754ff73f504b
-
SSDEEP
6144:uJhrbA1x5PZZKnvmb7/D26g4upEoadEXUqgVWLIg7gd:GA1x5PZZKnvmb7/D26GadEXUqgDg7gd
Static task
static1
Behavioral task
behavioral1
Sample
ce5ba103cce4c9da3d0842e8fded5ada_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ce5ba103cce4c9da3d0842e8fded5ada_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ce5ba103cce4c9da3d0842e8fded5ada_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2