General
Target: d3d739e3197e149b9bb767dbee9e4949_JaffaCakes118
Size: 196KB
Sample: 240908-h97zlatcnr
MD5: d3d739e3197e149b9bb767dbee9e4949
SHA1: 5a1e1bdeecced966f96124fe516153e8bf508510
SHA256: abf3f37f26a6527b8b1a53b1802defbae4a0c01ef907e96cc3e716e85127a670
SHA512: 0b0954763d9c1eed2017d679d073e479d3fafcf2b0f0d8d97c7a809239f26f577571d130d145d7cd32a1a791b28680e728ad05a67c906795c24ba102d4f6c047
SSDEEP: 3072:c7AVnPybzV8Q3io0ce4LTI208YioBK9QRO8qeXQ:cEVnPybzV8Oio0ctLTt08doLRO8qeg
Static task
static1
Behavioral task
behavioral1
Sample
d3d739e3197e149b9bb767dbee9e4949_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d3d739e3197e149b9bb767dbee9e4949_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score: 10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2