General
-
Target
d0757330cc78f6f9e3c56cd73c3f1e14_JaffaCakes118
-
Size
272KB
-
Sample
240906-zzs65axhml
-
MD5
d0757330cc78f6f9e3c56cd73c3f1e14
-
SHA1
24016b0de904d3e357cfd6880d2a68b549808fb5
-
SHA256
afdec619097187377413725fb19faba6b3c59ee855404763106ff33e029b6c2f
-
SHA512
42ba3a999fb65ac0d428c176115b331215b9637b9b23c776650915029eabc74877fa26df96fd17ce6e7f73629f6547c2473f8845e2fc0a88ce96745fa3edead6
-
SSDEEP
6144:z3axlQxchRdjLmtrBuMrdekUH63u+X5sc57/k:m0xGLTuPL5g
Malware Config
Targets
-
-
Target
d0757330cc78f6f9e3c56cd73c3f1e14_JaffaCakes118
-
Size
272KB
-
MD5
d0757330cc78f6f9e3c56cd73c3f1e14
-
SHA1
24016b0de904d3e357cfd6880d2a68b549808fb5
-
SHA256
afdec619097187377413725fb19faba6b3c59ee855404763106ff33e029b6c2f
-
SHA512
42ba3a999fb65ac0d428c176115b331215b9637b9b23c776650915029eabc74877fa26df96fd17ce6e7f73629f6547c2473f8845e2fc0a88ce96745fa3edead6
-
SSDEEP
6144:z3axlQxchRdjLmtrBuMrdekUH63u+X5sc57/k:m0xGLTuPL5g
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2