General
-
Target
ea84b6af5f6a48b6b74145b997c2606f_JaffaCakes118
-
Size
128KB
-
Sample
240919-d8vknazapp
-
MD5
ea84b6af5f6a48b6b74145b997c2606f
-
SHA1
177e83fae128670a95d3e5a2a4d823babbc02611
-
SHA256
2b2f4366d2589b9d413220829d2e2609e2589c1ea91bc50148a9bcce7278f552
-
SHA512
71c6175af90f90ddec05f4e189bdc0a80a3ce017257b2b1be9043ce7ef5aaa394faea967b7db5c928ea7c718a441c2a59734da7bd8ad18198d590dedcfe39811
-
SSDEEP
3072:GawcyIgI3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSJ:QcYI3yGFInRO
Static task
static1
Behavioral task
behavioral1
Sample
ea84b6af5f6a48b6b74145b997c2606f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea84b6af5f6a48b6b74145b997c2606f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ea84b6af5f6a48b6b74145b997c2606f_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)