General
Target: cf577c39fec796b9be4667664d1d5f61_JaffaCakes118
Size: 136KB
Sample: 240906-mkg44a1ejq
MD5: cf577c39fec796b9be4667664d1d5f61
SHA1: 6883224d866dc9b1f7b14794a27ad091c7f8c16c
SHA256: a66cbab9475b3658b1228f572d28572a5e9cf842a6877e9ae09b79c29973996f
SHA512: 314d19e77fc2ff0c40cf8d2ed1e626813a70d2375d009414e26b6c99c64e2d8696a6d650276cf9539b571d251d64438c663a7bf4b12d6f3eecdaab4d71f1086a
SSDEEP: 3072:fJ8YTXfoF8EHAaNKWY9pkWdHOYBs7HTbcnp886/kWRBg156CEf+2XC4bskzIYgBT:frrjEt9Y9pkWdHOYBs7HTbcnp886/kWp
Static task: static1
Behavioral task: behavioral1
Sample: cf577c39fec796b9be4667664d1d5f61_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: cf577c39fec796b9be4667664d1d5f61_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
cf577c39fec796b9be4667664d1d5f61_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2