General
-
Target
d0591e580cc8311994636c1016383762_JaffaCakes118
-
Size
224KB
-
Sample
240906-yp26lswaja
-
MD5
d0591e580cc8311994636c1016383762
-
SHA1
93abbb6b5977e2e4127e5cb634acc33e94535b6c
-
SHA256
7c10069b048be5e3f5e867a75b527e6308d171b12c7686d6c60d550851cf6672
-
SHA512
fb0865ee5094b9c1a4ba0074312264e09b80e921780d2e545b4ddbddade37760a78cf7cb4a97ceb4cfce658c73f339b8d5cccc60125196c5dd5a312380388872
-
SSDEEP
6144:fdFwzWQ/YVLKv+1DvopAytt0Sh4sO0rTbJsjBv23xuUS71Xm4mqWKnvmb7/D26D3:lFwoVLKv+1DvopAyD0Sy0rTbyjw3x/SE
Malware Config
Targets
-
-
Target
d0591e580cc8311994636c1016383762_JaffaCakes118
-
Size
224KB
-
MD5
d0591e580cc8311994636c1016383762
-
SHA1
93abbb6b5977e2e4127e5cb634acc33e94535b6c
-
SHA256
7c10069b048be5e3f5e867a75b527e6308d171b12c7686d6c60d550851cf6672
-
SHA512
fb0865ee5094b9c1a4ba0074312264e09b80e921780d2e545b4ddbddade37760a78cf7cb4a97ceb4cfce658c73f339b8d5cccc60125196c5dd5a312380388872
-
SSDEEP
6144:fdFwzWQ/YVLKv+1DvopAytt0Sh4sO0rTbJsjBv23xuUS71Xm4mqWKnvmb7/D26D3:lFwoVLKv+1DvopAyD0Sy0rTbyjw3x/SE
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2