General
-
Target
ea7fc8ec745053d196b11ffdf55a2a05_JaffaCakes118
-
Size
216KB
-
Sample
240919-dz4f7sycrg
-
MD5
ea7fc8ec745053d196b11ffdf55a2a05
-
SHA1
60c9c4eeee16c7173786de13f2d3a9b84c383b12
-
SHA256
7f7b361d471fd647063ef58da9e0923a655847d87f45ebeb897f804acf6e1a78
-
SHA512
a5fe395ef252204d08c0d8367819857e02fe1003b6a29738fefae435e1d648cc53ba0bf8b0ff660bf222dd7cfd6f696718e2b6d75b45d6176899cb265bd0b0f0
-
SSDEEP
3072:+YEi5xxe705cmpH8ijBcS6iS/bO40nN9k+s7EeHiAxIbYpzb:+YPDEHmpcyWX3/640N9kLjmE
Malware Config
Targets
-
-
Target
ea7fc8ec745053d196b11ffdf55a2a05_JaffaCakes118
-
Size
216KB
-
MD5
ea7fc8ec745053d196b11ffdf55a2a05
-
SHA1
60c9c4eeee16c7173786de13f2d3a9b84c383b12
-
SHA256
7f7b361d471fd647063ef58da9e0923a655847d87f45ebeb897f804acf6e1a78
-
SHA512
a5fe395ef252204d08c0d8367819857e02fe1003b6a29738fefae435e1d648cc53ba0bf8b0ff660bf222dd7cfd6f696718e2b6d75b45d6176899cb265bd0b0f0
-
SSDEEP
3072:+YEi5xxe705cmpH8ijBcS6iS/bO40nN9k+s7EeHiAxIbYpzb:+YPDEHmpcyWX3/640N9kLjmE
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2