General
-
Target
d9c2f0804420c861d97b95d474d1fbcb_JaffaCakes118
-
Size
124KB
-
Sample
240911-gxqn4sxbpf
-
MD5
d9c2f0804420c861d97b95d474d1fbcb
-
SHA1
d514fa7add071959e21c20684ef0fa37fe9e3d1c
-
SHA256
dc92db6e1f2a1044759f7b80303ddb4a8fb54d4f1e725e15536bb7e02f3c251c
-
SHA512
5d0e0ef8f13f8280cf9580f0080ab67d099d4798652a89db34322279e2c4c88e3ae2b6fa7268ddcf8a2b015487e640c910f1de33f7cf1becef135eb8cfbb612c
-
SSDEEP
1536:7gtkjqTQTU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VeRPNeG0h/y:akj5TU0GgAT9QIq
Static task
static1
Behavioral task
behavioral1
Sample
d9c2f0804420c861d97b95d474d1fbcb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d9c2f0804420c861d97b95d474d1fbcb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
d9c2f0804420c861d97b95d474d1fbcb_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)