General
Target: ea89268b47eb8a7f70c3c549b5fdb01b_JaffaCakes118
Size: 220KB
Sample: 240919-efpz5szclc
MD5: ea89268b47eb8a7f70c3c549b5fdb01b
SHA1: 1c7305571092e369fe96c8a978a0945bf842e508
SHA256: 9fe745d70a5c2da0c1dc83948559e83a1b271dde9d4df581378aafb448af7c6f
SHA512: 210e003eb5d77d9e0d367f4ec24f29b1fd1987b406cd1a26aa5999f5d8f841c9b04fe6fd6ff3c755b2ea58fd0bb87cf031579ed7bd5fad95f0447b8f54e1101d
SSDEEP: 3072:pPR1SrkkY8YUL4qx9RIHgil3UuhSa3U3dD8d6Oy+MIrnj3JjN0J:L1SAkx15x9SHVeOjf+
Static task: static1
Behavioral task: behavioral1
Sample: ea89268b47eb8a7f70c3c549b5fdb01b_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea89268b47eb8a7f70c3c549b5fdb01b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ea89268b47eb8a7f70c3c549b5fdb01b_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)