General
-
Target
cf78e403ceca27efddf4c356f3662de3_JaffaCakes118
-
Size
124KB
-
Sample
240906-n3traavhja
-
MD5
cf78e403ceca27efddf4c356f3662de3
-
SHA1
72722ea93ced2dff189f2a2ae69c2f44a1104a03
-
SHA256
7e72b0b65c253c7a41d00f7c5be5e89b772a8cb0703558f69e2ed54943a30356
-
SHA512
043a6b4cdf26913b43d0a3b3fd19bd908be6694cf781cb4f70a5a0aeca5dcf81fe291d9f67db684ac1a6b1c010f1cc875e383d02562da83b53ab4b82142ccfcf
-
SSDEEP
3072:aaAfUEiFRrQKGcNqnGrD6uvIepyJS6f1qreT:ahfiFRrQKGciwQJr
Static task
static1
Behavioral task
behavioral1
Sample
cf78e403ceca27efddf4c356f3662de3_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cf78e403ceca27efddf4c356f3662de3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
cf78e403ceca27efddf4c356f3662de3_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2