General
-
Target
de3e0a28798f92fbdae3ec6c66e06432_JaffaCakes118
-
Size
152KB
-
Sample
240913-nc5qvsygpq
-
MD5
de3e0a28798f92fbdae3ec6c66e06432
-
SHA1
b726a777431d1fa582a6946cb830880db28598cc
-
SHA256
bbe77b530afc9624101989d471e320aa730af67d9b106d8075bddebd8fe64c11
-
SHA512
ed0aa99f779e3a7935fabc7f427aa3939e1973502836e677c015ec32a688e3da62369d17827d6c7578a8bb663506bc7365611baf35d22a4aec1c18fb84b045a6
-
SSDEEP
3072:ptDgFiCmeGMS6WLI3kTB58hahpkzFhPAOJ0NAW/pC4oQZiELvZ7:k9meGMS6Wc3kn9ADPAOJ0NJUWZV
Static task
static1
Behavioral task
behavioral1
Sample
de3e0a28798f92fbdae3ec6c66e06432_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
de3e0a28798f92fbdae3ec6c66e06432_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
de3e0a28798f92fbdae3ec6c66e06432_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2