General
Target: e1787b5ce41603b89024cf561881d9c8_JaffaCakes118
Size: 220KB
Sample: 240915-b875mszbkr
MD5: e1787b5ce41603b89024cf561881d9c8
SHA1: 1e39a3aae037b31d90184e6a2adaac48ffb1fed4
SHA256: d8ad94d4a7e6881d1d514e0241c6171bed8b1779fe0073e793acb615eb68044f
SHA512: 5cd762e1bf5f06a8891befed31e1c2e62288df0d50b1ca6a0b72b0d93ee4f72e969cee623c468424fd10fa0ab521b7e12974cd4974cbfa78d28a2cab8726b7c5
SSDEEP: 3072:rwOu9kr8YUL4qx9RIHgil3UuhSa3U3dD8d6Oy+MIrnj3J+NM:sOMko15x9SHVeOj0
Static task: static1
Behavioral task: behavioral1
Sample: e1787b5ce41603b89024cf561881d9c8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e1787b5ce41603b89024cf561881d9c8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: e1787b5ce41603b89024cf561881d9c8_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2