General
-
Target
da209969c33db24fa5c7116d2e7fd5bf_JaffaCakes118
-
Size
228KB
-
Sample
240911-mahmwawaja
-
MD5
da209969c33db24fa5c7116d2e7fd5bf
-
SHA1
db8a6bfa43908adddff9dccbd89fef9c514c8d2a
-
SHA256
085c9edfbb616fb44d91832579d5d774955c69d090757bd98c6572993729c55f
-
SHA512
0155ff48eae7b7a2b7abdcd7f2529e566243868481745d1aec1fcd4f190454c1a6e476711d3ec138e7be191131704612305513c62f112ed3eeac2458e94b9730
-
SSDEEP
6144:MLGDh4jLt4NVcWgyGELwXiS8T+bbhn7aRjS5ZgBbfh:yGWntWyD1LiS8lS5ZIJ
Static task
static1
Behavioral task
behavioral1
Sample
da209969c33db24fa5c7116d2e7fd5bf_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
da209969c33db24fa5c7116d2e7fd5bf_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
da209969c33db24fa5c7116d2e7fd5bf_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)