General
-
Target
e9e3d306af1663bcc021338c4bd4515c_JaffaCakes118
-
Size
152KB
-
Sample
240918-yw6gls1gnm
-
MD5
e9e3d306af1663bcc021338c4bd4515c
-
SHA1
4f47bf198b5f3cc3c9a54d003c04984d382fe333
-
SHA256
150b09cc2dfcc271d2e2017c213125e5ec3d5df73383b10b583f663b5186997e
-
SHA512
337fc151cc0d7abb0cd77ee527dabb55d214589a50b7cf41bac0818807a0a3cdbd119215cb77f4d935affc22ac1e0c77a882ecf156803c26af0c23e0007fee3a
-
SSDEEP
1536:B5gmF+VoV6qZO5WV9PZ1K+smtK4/ZWnKTzf:B5gmF+VoV6qZO5W7afKTz
Malware Config
Targets
-
-
Target
e9e3d306af1663bcc021338c4bd4515c_JaffaCakes118
-
Size
152KB
-
MD5
e9e3d306af1663bcc021338c4bd4515c
-
SHA1
4f47bf198b5f3cc3c9a54d003c04984d382fe333
-
SHA256
150b09cc2dfcc271d2e2017c213125e5ec3d5df73383b10b583f663b5186997e
-
SHA512
337fc151cc0d7abb0cd77ee527dabb55d214589a50b7cf41bac0818807a0a3cdbd119215cb77f4d935affc22ac1e0c77a882ecf156803c26af0c23e0007fee3a
-
SSDEEP
1536:B5gmF+VoV6qZO5WV9PZ1K+smtK4/ZWnKTzf:B5gmF+VoV6qZO5W7afKTz
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2