General
-
Target
d750e94e0471395a913702df45fb145f_JaffaCakes118
-
Size
184KB
-
Sample
240910-afas1axcjm
-
MD5
d750e94e0471395a913702df45fb145f
-
SHA1
2c4ad8fb795088da5591985e24ad716bfd14e2d8
-
SHA256
eb73e3fc3a6965117d73f516a3811e06522b07f5d58faeaad2ebe56fbf6bd268
-
SHA512
4ce71cab222eea13c7b92d93f9867bf34f87c7983437e704cb6d563b77f39f262d02adb6e25133122eea1721db9ef99951f8e3c3a208b23b7cd483ad307a91f3
-
SSDEEP
3072:ZI5EBc9YUdtG716ennADVeMfcRAGKB+uMTEd1CTu:Zidu1tnADVhERAGKB+uSEdl
Static task
static1
Behavioral task
behavioral1
Sample
d750e94e0471395a913702df45fb145f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d750e94e0471395a913702df45fb145f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d750e94e0471395a913702df45fb145f_JaffaCakes118
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2