General
-
Target
dcd55713e95d5afe850a85f3701f6910_JaffaCakes118
-
Size
124KB
-
Sample
240912-xdp68sybrj
-
MD5
dcd55713e95d5afe850a85f3701f6910
-
SHA1
47fa1ef786bf44a576e597d44b0500682958b686
-
SHA256
82ff835fbf94bec7b44f157eee539947feecc788970992e5371ca208daa621a3
-
SHA512
0b33ebd1feebce9238f145c64eb6dff7113651af45660c94521a0b97f41709e0c84aead756a855644db4eaec62eab9226586168dca220b79e56af5420459eb0a
-
SSDEEP
1536:fpE5hwRIwuBxeDtMYHa27J14ltxporZ45iqNeG0h9:RE5hwRzkeV6gJ1uCt45I9
Malware Config
Targets
-
-
Target
dcd55713e95d5afe850a85f3701f6910_JaffaCakes118
-
Size
124KB
-
MD5
dcd55713e95d5afe850a85f3701f6910
-
SHA1
47fa1ef786bf44a576e597d44b0500682958b686
-
SHA256
82ff835fbf94bec7b44f157eee539947feecc788970992e5371ca208daa621a3
-
SHA512
0b33ebd1feebce9238f145c64eb6dff7113651af45660c94521a0b97f41709e0c84aead756a855644db4eaec62eab9226586168dca220b79e56af5420459eb0a
-
SSDEEP
1536:fpE5hwRIwuBxeDtMYHa27J14ltxporZ45iqNeG0h9:RE5hwRzkeV6gJ1uCt45I9
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2