General
-
Target
d3494cccedb2b283d4132c1037072ab2_JaffaCakes118
-
Size
176KB
-
Sample
240908-cfvvaa1bnc
-
MD5
d3494cccedb2b283d4132c1037072ab2
-
SHA1
24636a60c4c1aded80cfd26587ddd07f17c20e34
-
SHA256
9ba418c9ff4574a5b61cfe3f1601445db87a0d6e993b2f553d03b7a27cb43721
-
SHA512
e6394b4e3cc041118d2756e066825b3fd1b24fec3567a0b4cd0099a75aa3310d6cfea5dc633e885d9c0d283230a59913ba7ea5b492f38e6f6782fc0298cecb1e
-
SSDEEP
3072:qzpUOUP8b8RuBnI16UCceGyYyKnvmb7/D26VNr79JEx/G/OOIVLM/tAGjiBuAZdW:8RUkwuBnI16ZoGKnvmb7/D26P/9JEx/s
Static task
static1
Behavioral task
behavioral1
Sample
d3494cccedb2b283d4132c1037072ab2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d3494cccedb2b283d4132c1037072ab2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d3494cccedb2b283d4132c1037072ab2_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2