General
-
Target
d72addde01744cbb8b47faaf1fcf2a64_JaffaCakes118
-
Size
135KB
-
Sample
240909-1xzfssvaqh
-
MD5
d72addde01744cbb8b47faaf1fcf2a64
-
SHA1
b61c1e754374073d9be532408fe249a3f4105c83
-
SHA256
d674380beffee1f96de1bfb5509f916ee21e36006f4411bd24b9c488cfb8cdc7
-
SHA512
8b075d5126c36eaebb7cbb26f051a4f783361f4fd81b1d06091ad6b51b076c4a8434fe437c13d3a5322d9a498bb34edf7ac7fc3f11489084b306488eda1c5af7
-
SSDEEP
3072:VNeuucnUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtVHLO:/dUoIDbByGPMsMP
Malware Config
Targets
-
-
Target
d72addde01744cbb8b47faaf1fcf2a64_JaffaCakes118
-
Size
135KB
-
MD5
d72addde01744cbb8b47faaf1fcf2a64
-
SHA1
b61c1e754374073d9be532408fe249a3f4105c83
-
SHA256
d674380beffee1f96de1bfb5509f916ee21e36006f4411bd24b9c488cfb8cdc7
-
SHA512
8b075d5126c36eaebb7cbb26f051a4f783361f4fd81b1d06091ad6b51b076c4a8434fe437c13d3a5322d9a498bb34edf7ac7fc3f11489084b306488eda1c5af7
-
SSDEEP
3072:VNeuucnUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtVHLO:/dUoIDbByGPMsMP
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2