General
-
Target
dc60f65b194154c82c4e4a9c0a010a64_JaffaCakes118
-
Size
220KB
-
Sample
240912-rdxnesxgpj
-
MD5
dc60f65b194154c82c4e4a9c0a010a64
-
SHA1
8ea3701e74d70b5d7c18f52255d164a15d7839ae
-
SHA256
0f63fbc2008ec12ec8ea49c72c323bb0aecb96cf94de1e171ba5b5dd1a3a049b
-
SHA512
16e092ecd8c1c6b314e9553cd7e7f8172ab8f89ad42b4708646f91b6aec3f9ccbfdc56dd07f205f1c1911b87cecc4cfc17bb605ac5008c02e9d89c6a20f7be07
-
SSDEEP
3072:yQqwTpkJ8YUL4qx9RIHgil3UuhSa3U3dDpd6Oy+MIrnj3JhNcW:hNVkS15x9SHVe1jZ5
Static task
static1
Behavioral task
behavioral1
Sample
dc60f65b194154c82c4e4a9c0a010a64_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dc60f65b194154c82c4e4a9c0a010a64_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
dc60f65b194154c82c4e4a9c0a010a64_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2