General
Target
ea9de4753a8fb7da3d92b2793cfd247e_JaffaCakes118
Size
100KB
Sample
240919-ff255ssapp
MD5
ea9de4753a8fb7da3d92b2793cfd247e
SHA1
bfecd6834bc09f6884066182eab2371721c482dc
SHA256
b3dc4310d121a03e0787dcc0b3bfe4cecdd62ade592d8e87109121f87d4e1239
SHA512
455c062e7fc1c05a61f930af74756dd14cfa8766010d21d9af091f5caaa2d73e11af782377e0af8ec66d03d0d230bf5eb9eef8adb72824ed8229d087d4a677bd
SSDEEP
1536:Scdz8iAuismywsyjqLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfONIjnZvt:zRye/KLOM5FCnlt
Static task
static1
Behavioral task
behavioral1
Sample
ea9de4753a8fb7da3d92b2793cfd247e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea9de4753a8fb7da3d92b2793cfd247e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ea9de4753a8fb7da3d92b2793cfd247e_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2