General
-
Target
d3920af80d7d4eabde1d16c7fb0a01f2_JaffaCakes118
-
Size
140KB
-
Sample
240908-fenw5azanf
-
MD5
d3920af80d7d4eabde1d16c7fb0a01f2
-
SHA1
991bc2fe2c1a0386598ac2354b5df147a00cf6b5
-
SHA256
c18d10b384f7f7d9f3e6001362aff240af3dd1116eace862835ce3ab635c9ea2
-
SHA512
6f2c1c7006af1074e673afbe0dbc6db4e2c88e1feb07e72bc5a8dd4bbf183bbc9275d86bf791c1a601acb3951a588179de5ed9815f00648f5f443c48556ff2cd
-
SSDEEP
768:zdiUSyt4pd04q0zik+vhy7g0EM/LinbQ+Awig:RSeEn3+pCg0EUGQ+7ig
Malware Config
Targets
-
-
Target
d3920af80d7d4eabde1d16c7fb0a01f2_JaffaCakes118
-
Size
140KB
-
MD5
d3920af80d7d4eabde1d16c7fb0a01f2
-
SHA1
991bc2fe2c1a0386598ac2354b5df147a00cf6b5
-
SHA256
c18d10b384f7f7d9f3e6001362aff240af3dd1116eace862835ce3ab635c9ea2
-
SHA512
6f2c1c7006af1074e673afbe0dbc6db4e2c88e1feb07e72bc5a8dd4bbf183bbc9275d86bf791c1a601acb3951a588179de5ed9815f00648f5f443c48556ff2cd
-
SSDEEP
768:zdiUSyt4pd04q0zik+vhy7g0EM/LinbQ+Awig:RSeEn3+pCg0EUGQ+7ig
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2