General
-
Target
df75ec3ccd660c285e01a130293e61de_JaffaCakes118
-
Size
200KB
-
Sample
240914-ep6z1swgmb
-
MD5
df75ec3ccd660c285e01a130293e61de
-
SHA1
29cc9872899ffedacc3c30ad92277f29ebfb11c3
-
SHA256
289fbcf00ff63f31636fbc55fec6dff78fe18d1f4c6f2d5bb2999e0bd323698f
-
SHA512
7183cc0d126ec56dbe2d9166715e050b03275a95867f412b44a2f4b5659a5883bbecbf641fdf0a110ad4c4a10195394789759e0ddcc33e3eeefd1673331366d5
-
SSDEEP
3072:uUcVG0tQ9nLHbB9WHCS0AgTlhsp3mW6q:P4QxL7B9WHK9Jhsp37
Malware Config
Targets
-
-
Target
df75ec3ccd660c285e01a130293e61de_JaffaCakes118
-
Size
200KB
-
MD5
df75ec3ccd660c285e01a130293e61de
-
SHA1
29cc9872899ffedacc3c30ad92277f29ebfb11c3
-
SHA256
289fbcf00ff63f31636fbc55fec6dff78fe18d1f4c6f2d5bb2999e0bd323698f
-
SHA512
7183cc0d126ec56dbe2d9166715e050b03275a95867f412b44a2f4b5659a5883bbecbf641fdf0a110ad4c4a10195394789759e0ddcc33e3eeefd1673331366d5
-
SSDEEP
3072:uUcVG0tQ9nLHbB9WHCS0AgTlhsp3mW6q:P4QxL7B9WHK9Jhsp37
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2