General
-
Target
d3f7c7568412b9195d7c190ffb3c8f3e_JaffaCakes118
-
Size
132KB
-
Sample
240908-knn1psyeke
-
MD5
d3f7c7568412b9195d7c190ffb3c8f3e
-
SHA1
668d06e631dafc8fae3ca4414847d9e9fab5f920
-
SHA256
8fd5be32a9dbd96b63863ba90bf93bdcb5ba5e2537ec6a4685993a8a83097b31
-
SHA512
36a29162060cf7707d336227c8faf2e78259bbe13d208bc93b6649fa3a718f16f96c09c899a9c9eaeb12ff3b971ca8ea8f6f37ef1e12a576edc4c53ee1e8be85
-
SSDEEP
1536:8Bm4I/TuH6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:MI/TuH63qEbBkn4e2s/HmlTfdwQL
Malware Config
Targets
-
-
Target
d3f7c7568412b9195d7c190ffb3c8f3e_JaffaCakes118
-
Size
132KB
-
MD5
d3f7c7568412b9195d7c190ffb3c8f3e
-
SHA1
668d06e631dafc8fae3ca4414847d9e9fab5f920
-
SHA256
8fd5be32a9dbd96b63863ba90bf93bdcb5ba5e2537ec6a4685993a8a83097b31
-
SHA512
36a29162060cf7707d336227c8faf2e78259bbe13d208bc93b6649fa3a718f16f96c09c899a9c9eaeb12ff3b971ca8ea8f6f37ef1e12a576edc4c53ee1e8be85
-
SSDEEP
1536:8Bm4I/TuH6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:MI/TuH63qEbBkn4e2s/HmlTfdwQL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2