General
Target: eab80e65cf5ff34131d1fbd19dd7ac9f_JaffaCakes118
Size: 184KB
Sample: 240919-gq558avamq
MD5: eab80e65cf5ff34131d1fbd19dd7ac9f
SHA1: 3ade4c5010afeec48b10e58a3dde202e840d4b8f
SHA256: f2a17c252c5c871300cbfd7a16f838ad42decf25ec12ef6b67b8ecac646b4485
SHA512: dcbd957cd25e9c21a5978cb7e45369f4be242498cad1a875fa39d80b2001de34269c38c408196a0d5f1ab232ea43c2c6c8de25c07f86cef58f5030599e708a31
SSDEEP: 3072:ZI54Bp9YUdtG716ennADVeMfcRAGKB+uMTEd1CTa:Ziiu1tnADVhERAGKB+uSEdl
Static task: static1
Behavioral task: behavioral1
Sample: eab80e65cf5ff34131d1fbd19dd7ac9f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: eab80e65cf5ff34131d1fbd19dd7ac9f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)