General
Target: ea75461cccd917ba0c9e97315e9f9030_JaffaCakes118
Size: 244KB
Sample: 240919-dfeczaxfkj
MD5: ea75461cccd917ba0c9e97315e9f9030
SHA1: ed4c49a6cbcc9b655f2fe08424a3a069b6864991
SHA256: fae685738dd02a68101a103ab5019da5f90eea5b927d6dfba093bf47646975c5
SHA512: d770831170c5536645903d312b719f1d31336ec7c95b867f666e1793e728ce5bec619486b924d27eae9f3e7aba72d3b3cff3fec33d63852701620d9f20f93924
SSDEEP: 6144:UYiQ+u5HAPkbZePJDmlI/+dfkIOwgccXYJcmI3cvHQOFZayUa/nM2a:TiQ+u5HAPk9EUoYJcmym0V
Static task: static1
Behavioral task: behavioral1
Sample: ea75461cccd917ba0c9e97315e9f9030_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea75461cccd917ba0c9e97315e9f9030_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ea75461cccd917ba0c9e97315e9f9030_JaffaCakes118
Score: 10/10
- Modifies visibility of hidden/system files in Explorer
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Hide Artifacts (1)
  - Hidden Files and Directories (1)
- Modify Registry (2)