General
-
Target
de707053d58babaf5eb9c7115154612d_JaffaCakes118
-
Size
244KB
-
Sample
240913-syxplavhjn
-
MD5
de707053d58babaf5eb9c7115154612d
-
SHA1
3c020980e48994ed859c0dc5084d7b6979ff64c1
-
SHA256
2deb6f6e116c990886cd374790714ac8300d9c48c7ca8ddca3c965b7799d4216
-
SHA512
a3b5a6f209df562297c91799716371b202e1c2915f2a947338439bc2cc80a301e483db44824f06ffd24d27c068ae8c8d3093458f7fee100cfa93ac1039930635
-
SSDEEP
768:1lvMaHfJcwaMCJUwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGe:1Rl/JcsKJlGVs4emEFbcP0
Malware Config
Targets
-
-
Target
de707053d58babaf5eb9c7115154612d_JaffaCakes118
-
Size
244KB
-
MD5
de707053d58babaf5eb9c7115154612d
-
SHA1
3c020980e48994ed859c0dc5084d7b6979ff64c1
-
SHA256
2deb6f6e116c990886cd374790714ac8300d9c48c7ca8ddca3c965b7799d4216
-
SHA512
a3b5a6f209df562297c91799716371b202e1c2915f2a947338439bc2cc80a301e483db44824f06ffd24d27c068ae8c8d3093458f7fee100cfa93ac1039930635
-
SSDEEP
768:1lvMaHfJcwaMCJUwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGe:1Rl/JcsKJlGVs4emEFbcP0
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2