General
Target
ea8452abb5a38378cb74bf5c97519eed_JaffaCakes118
Size
96KB
Sample
240919-d78e5azalq
MD5
ea8452abb5a38378cb74bf5c97519eed
SHA1
39da7cc18293d7854ca793c36393b1bbac40f151
SHA256
9e5c01509e23e5d937d6bf42f24f29a736360c67eeb1fd17679114131d181092
SHA512
313baa2d71b7cbd41c6c11bb38199d8f2eb52a20eafb141b03d8ca684c90d82b1ee589ca4c39e5b07b761489dc1e00b324e83205e9a6aa012e6279df899a4856
SSDEEP
1536:VjQBHnf6cO/hkwJgkGulSc16l6u+NMMl/KlYv1Tq5ThFgNIjnZJ+:QUhRlu8CFFgCnL+
Static task
static1
Behavioral task
behavioral1
Sample
ea8452abb5a38378cb74bf5c97519eed_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea8452abb5a38378cb74bf5c97519eed_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ea8452abb5a38378cb74bf5c97519eed_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)