General
-
Target
d1af01da069bda834be4df0ff4e96582_JaffaCakes118
-
Size
100KB
-
Sample
240907-l59jeayene
-
MD5
d1af01da069bda834be4df0ff4e96582
-
SHA1
a0684887633f3b89d81809f02e3cd3719a366b5a
-
SHA256
4afae780049f3621150ae9efecbf121f9a58ca261b4c120f4a61f72d1bd113e7
-
SHA512
69978e428d7fd87ed80dba116e87891df107679b89e32ed9fe4938c2422a9edfd5e263ca7845a1a8f9919ad5dd0cd94805faffe73f3aa75d0ad1187a0b3ce1d1
-
SSDEEP
1536:jtWRcX220mQ+fxJKIRGWcOUP7vXArnY1ZqAefzyesqNIjni:JdQZNAfzyeBCni
Static task
static1
Behavioral task
behavioral1
Sample
d1af01da069bda834be4df0ff4e96582_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d1af01da069bda834be4df0ff4e96582_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)