General
-
Target
eaaf94d21de9ca1fa325f4dcede39d62_JaffaCakes118
-
Size
288KB
-
Sample
240919-gb1l7atblh
-
MD5
eaaf94d21de9ca1fa325f4dcede39d62
-
SHA1
dd7154688e2bea7906a79e48cc93d8c60ba6e5a5
-
SHA256
9a2ea46ef69d5f1a91ea36d2e13ae690e92688b30e7dc8730035dd814efa8c14
-
SHA512
b3e5a8218ff1e86b031c13b9093b3b7c4145304a09ab2a9922ab91d98b137089306e1702650d7fdeb3cf2959f72fb0087d910c698c21dbf196df76b303f4f181
-
SSDEEP
3072:Mdc/cu/c7dbnbnzncnGnVntnqnhnKnxnqn7nbnan7n3nbnonhnxnS:6c/cu/c7
Malware Config
Targets
-
-
Target
eaaf94d21de9ca1fa325f4dcede39d62_JaffaCakes118
-
Size
288KB
-
MD5
eaaf94d21de9ca1fa325f4dcede39d62
-
SHA1
dd7154688e2bea7906a79e48cc93d8c60ba6e5a5
-
SHA256
9a2ea46ef69d5f1a91ea36d2e13ae690e92688b30e7dc8730035dd814efa8c14
-
SHA512
b3e5a8218ff1e86b031c13b9093b3b7c4145304a09ab2a9922ab91d98b137089306e1702650d7fdeb3cf2959f72fb0087d910c698c21dbf196df76b303f4f181
-
SSDEEP
3072:Mdc/cu/c7dbnbnzncnGnVntnqnhnKnxnqn7nbnan7n3nbnonhnxnS:6c/cu/c7
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2