General
-
Target
ea24e6ce41fa26e64bdb39462880caf1_JaffaCakes118
-
Size
108KB
-
Sample
240918-24axfsxgre
-
MD5
ea24e6ce41fa26e64bdb39462880caf1
-
SHA1
71ca20524dd32c73ccf1b6c361bcbbcd1e062f72
-
SHA256
de996630b0709fb22e639dc70ec2f48840796770092381a91ad10eeafead6d10
-
SHA512
c69e275297512ebc31b5fdf37ce7bfa33e50cb9e8c3ac7740502180af383c9a6deae68c7783ee52750ad90041b0172e59ca5f8ffed57226295a74eb3fb88ed73
-
SSDEEP
1536:cPX/V5Ejes5mBVKuCrENMRs7IuCoLwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnOhy:kX/4QCs7I1KWyQCn6B
Malware Config
Targets
-
-
Target
ea24e6ce41fa26e64bdb39462880caf1_JaffaCakes118
-
Size
108KB
-
MD5
ea24e6ce41fa26e64bdb39462880caf1
-
SHA1
71ca20524dd32c73ccf1b6c361bcbbcd1e062f72
-
SHA256
de996630b0709fb22e639dc70ec2f48840796770092381a91ad10eeafead6d10
-
SHA512
c69e275297512ebc31b5fdf37ce7bfa33e50cb9e8c3ac7740502180af383c9a6deae68c7783ee52750ad90041b0172e59ca5f8ffed57226295a74eb3fb88ed73
-
SSDEEP
1536:cPX/V5Ejes5mBVKuCrENMRs7IuCoLwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnOhy:kX/4QCs7I1KWyQCn6B
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2