General
-
Target
dc50d207b031174ef0e3a5055569113c_JaffaCakes118
-
Size
316KB
-
Sample
240912-p3fp4avhpe
-
MD5
dc50d207b031174ef0e3a5055569113c
-
SHA1
2f547f3645d62fe470f10e5b0d5588d77cb43389
-
SHA256
90f2d12bb8db62f9ee60a87b683c1420f4cb7cf2b84aee47d87f19a100010c62
-
SHA512
02ed6bdc69a449151311ef4bcbcd9f5b2eff74426bf46694972ebd88339db425544ae0ac3bf0ffb958110628eee6f3c4a81c6b25a9c3f2f3f9a2bf3349ec639e
-
SSDEEP
6144:8EDHEJFtwaUAWHj27FEqFXgzhSXtUeTEZKCfzFK:8EIFtwbAWq7FEqFQz8XtUtfzFK
Static task
static1
Behavioral task
behavioral1
Sample
dc50d207b031174ef0e3a5055569113c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dc50d207b031174ef0e3a5055569113c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
dc50d207b031174ef0e3a5055569113c_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2