General
-
Target
de7a1331d4444dda835e6ebd9c3ed1a6_JaffaCakes118
-
Size
216KB
-
Sample
240913-tpl26swfqr
-
MD5
de7a1331d4444dda835e6ebd9c3ed1a6
-
SHA1
ce6dbfd5d8dabfc82f0611600ef0011bece9d96a
-
SHA256
20200194590e9740731de1b0c12e4759237a2a130dc26cd43649a971f92515ce
-
SHA512
f2e5ecf5259d9303da7390839669a469bd5381011ac094d1ae013cdd657b2b345992b9b0c1ffc3dc81ed688f7765f82e673795a232ec846070dfd3e335efecb9
-
SSDEEP
3072:CFvdDkUoHFGFooobAqzNOEbOKZbtpGPsLx:CFvB6PseNmKJtpL
Malware Config
Targets
-
-
Target
de7a1331d4444dda835e6ebd9c3ed1a6_JaffaCakes118
-
Size
216KB
-
MD5
de7a1331d4444dda835e6ebd9c3ed1a6
-
SHA1
ce6dbfd5d8dabfc82f0611600ef0011bece9d96a
-
SHA256
20200194590e9740731de1b0c12e4759237a2a130dc26cd43649a971f92515ce
-
SHA512
f2e5ecf5259d9303da7390839669a469bd5381011ac094d1ae013cdd657b2b345992b9b0c1ffc3dc81ed688f7765f82e673795a232ec846070dfd3e335efecb9
-
SSDEEP
3072:CFvdDkUoHFGFooobAqzNOEbOKZbtpGPsLx:CFvB6PseNmKJtpL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2