General
-
Target
d2a86affb45275499fd7441fde6f3cff_JaffaCakes118
-
Size
240KB
-
Sample
240907-x1en1szfjp
-
MD5
d2a86affb45275499fd7441fde6f3cff
-
SHA1
f6858916c4e22c4629adf3d1a2b642e0a66f0d8c
-
SHA256
aa00d0d99783c4997882b2843e40e289f16b759827b732030d6170e1c9a63393
-
SHA512
fe4f3686ecce5f9dd66ea4eb99c2df77a42f84fdc4bb922d62b38379d65c6e97076d39f35e350abf78db8ea0faefe5663fc6457a247d84c16ba1a073e3d9cc7e
-
SSDEEP
6144:7U7P3dwqsNwemAB0EqxF6snji81RUinKchhyqSQ:SPdQQJsl
Malware Config
Targets
-
-
Target
d2a86affb45275499fd7441fde6f3cff_JaffaCakes118
-
Size
240KB
-
MD5
d2a86affb45275499fd7441fde6f3cff
-
SHA1
f6858916c4e22c4629adf3d1a2b642e0a66f0d8c
-
SHA256
aa00d0d99783c4997882b2843e40e289f16b759827b732030d6170e1c9a63393
-
SHA512
fe4f3686ecce5f9dd66ea4eb99c2df77a42f84fdc4bb922d62b38379d65c6e97076d39f35e350abf78db8ea0faefe5663fc6457a247d84c16ba1a073e3d9cc7e
-
SSDEEP
6144:7U7P3dwqsNwemAB0EqxF6snji81RUinKchhyqSQ:SPdQQJsl
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2