General
Target: d3c2124079175563904da083cc959d10_JaffaCakes118
Size: 88KB
Sample: 240908-hca9cstemg
MD5: d3c2124079175563904da083cc959d10
SHA1: 4dc9517a1299ee8c932691cb269d91b8cb52f61c
SHA256: d45d732542df5f5a32c56e493026b4af69dd89e539c4656801e96410a289d8f3
SHA512: 6d36068f2c41b1b823f24b5ba68b1ecf5e1bbd82e22709e9600bd49819fd495632bd296cbd0bc1bf453cc362aa96fef7e3529cd0a12753adfd66a28589f12256
SSDEEP: 1536:phBCGiRQBO5zjH2PfO/zNbup/EbUjtjZjgjWjpjy0UQh18Vma:dCjRpPN0USaVv
Static task: static1
Behavioral task: behavioral1
Sample: d3c2124079175563904da083cc959d10_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d3c2124079175563904da083cc959d10_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: d3c2124079175563904da083cc959d10_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2