General
-
Target
ce641a18a098ef99e67dbad9de6a25b9_JaffaCakes118
-
Size
196KB
-
Sample
240906-ce5cbs1akg
-
MD5
ce641a18a098ef99e67dbad9de6a25b9
-
SHA1
52cb2e56ffba78bf3223c7b88fda507dd6d786a5
-
SHA256
600752b801578db2a1547d9add7ab17d1d9bd4bc30d3a092b69a9374bc964fe8
-
SHA512
1267a47a14418172c31f57730bc8aac6566e6e0c971ba1c662922cdcea625366160d78c6379978f674f5bd7f7f50ec80577f9e293eed14b9ea29fbadd8b2b587
-
SSDEEP
3072:YxnR1VnPybzV8Q3io0ce4LTI208YioBK9QRO8qeXQ:YpXVnPybzV8Oio0ctLTt08doLRO8qeg
Static task
static1
Behavioral task
behavioral1
Sample
ce641a18a098ef99e67dbad9de6a25b9_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ce641a18a098ef99e67dbad9de6a25b9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ce641a18a098ef99e67dbad9de6a25b9_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2