General
-
Target
e0d6fb49c2c36eaf1519ab1e215f07a5_JaffaCakes118
-
Size
300KB
-
Sample
240914-xrd15a1alc
-
MD5
e0d6fb49c2c36eaf1519ab1e215f07a5
-
SHA1
bd5f9636e285ec713956e3a498e6a723523ea382
-
SHA256
388fd42a0da8b465c83971811b59aa9c907a77f54d0fd205bceeb4b3896e3881
-
SHA512
51efffb7456a20fd5ba0698ab743ce7928d56ab0049c401916296256d3684f46c8d76cd1a48afdf7916d0b96b345ebd5bf585c483ab11988b41396d6e86cbb64
-
SSDEEP
6144:h3uM1pRXQXL3EHge4Mn4W97YNP/sspDhBeOAUl:oMtQXL3EHge4Mn4W97YNP/sIBeOZl
Malware Config
Targets
-
-
Target
e0d6fb49c2c36eaf1519ab1e215f07a5_JaffaCakes118
-
Size
300KB
-
MD5
e0d6fb49c2c36eaf1519ab1e215f07a5
-
SHA1
bd5f9636e285ec713956e3a498e6a723523ea382
-
SHA256
388fd42a0da8b465c83971811b59aa9c907a77f54d0fd205bceeb4b3896e3881
-
SHA512
51efffb7456a20fd5ba0698ab743ce7928d56ab0049c401916296256d3684f46c8d76cd1a48afdf7916d0b96b345ebd5bf585c483ab11988b41396d6e86cbb64
-
SSDEEP
6144:h3uM1pRXQXL3EHge4Mn4W97YNP/sspDhBeOAUl:oMtQXL3EHge4Mn4W97YNP/sIBeOZl
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2