General
-
Target
eab022db887e5ead934b088ad1c307f7_JaffaCakes118
-
Size
132KB
-
Sample
240919-gc411atejk
-
MD5
eab022db887e5ead934b088ad1c307f7
-
SHA1
d1f179af2927304dd874cc4cbc57d169e89c3149
-
SHA256
293c6076dab52f5359bbb18df8ebe84cf441db559e53eb313ebc8a8c6b8e0062
-
SHA512
32b51eeb758195672dbe9c016fe89bb047f466a667661b0a67f9eaee59cd6df33a40df5e3348ab2972e9b2aa738b6e37ed8a3df6097334cd1fb1b40d85358174
-
SSDEEP
1536:czxPzeTIwXFixXVG4e2JLBJ3Ue05znybzPe9jRwo7JaS1:KzeTIkFixFG4e1ybGtwQL
Static task
static1
Behavioral task
behavioral1
Sample
eab022db887e5ead934b088ad1c307f7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eab022db887e5ead934b088ad1c307f7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
eab022db887e5ead934b088ad1c307f7_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2