General
-
Target
d6df99177071154a84af23983805ded0_JaffaCakes118
-
Size
156KB
-
Sample
240909-w5a1ysvdrf
-
MD5
d6df99177071154a84af23983805ded0
-
SHA1
7d4b426cb8eb9a9af8e62a076e2f7f02ebe988bb
-
SHA256
7026766a8999707146dc7265024951c91384c39013a32a9f8442d8a99445110c
-
SHA512
4768848fbb46c3b88cf72fe84bb854843bbcb3304e25412d1af8ce6215b3ae9fef8eb9fdcb974c1949c1bb8e6004bf68218dcfd819281057d88ce12c81507ad8
-
SSDEEP
1536:qqrFv3LhRsNLCNMSG5+SUdqeHAQWXZaNwRRczNoU1LbLkOVChh:7rF3zaZLBRWhlLSh
Malware Config
Targets
-
-
Target
d6df99177071154a84af23983805ded0_JaffaCakes118
-
Size
156KB
-
MD5
d6df99177071154a84af23983805ded0
-
SHA1
7d4b426cb8eb9a9af8e62a076e2f7f02ebe988bb
-
SHA256
7026766a8999707146dc7265024951c91384c39013a32a9f8442d8a99445110c
-
SHA512
4768848fbb46c3b88cf72fe84bb854843bbcb3304e25412d1af8ce6215b3ae9fef8eb9fdcb974c1949c1bb8e6004bf68218dcfd819281057d88ce12c81507ad8
-
SSDEEP
1536:qqrFv3LhRsNLCNMSG5+SUdqeHAQWXZaNwRRczNoU1LbLkOVChh:7rF3zaZLBRWhlLSh
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2