General
-
Target
eab9a8e882a482a3ec8aca0f84ab63d2_JaffaCakes118
-
Size
60KB
-
Sample
240919-gtcyvatgrc
-
MD5
eab9a8e882a482a3ec8aca0f84ab63d2
-
SHA1
d7093d8e183f781445544e8dbbad6e178d3ee498
-
SHA256
506fd50b7317eae1d257e529fb514fad9e0a1dd75d06237bce2ebab3e7fb0e2e
-
SHA512
b1ac695da37918f0d194823f29461bd32d6ac01a91d6976757f88aa91fc68346a5842c2b24222001950739767c2098476206717686941dec7114881a13d63dec
-
SSDEEP
768:RNTs2dMw8rorfnmKUMLZNDn/QlgmFIkCd+hNFIktcM9ea5PnOYn6zykNspK6D8L7:RZs4hANDnVJbBvmO0NMm9iCXOjD5fIi
Malware Config
Targets
-
-
Target
eab9a8e882a482a3ec8aca0f84ab63d2_JaffaCakes118
-
Size
60KB
-
MD5
eab9a8e882a482a3ec8aca0f84ab63d2
-
SHA1
d7093d8e183f781445544e8dbbad6e178d3ee498
-
SHA256
506fd50b7317eae1d257e529fb514fad9e0a1dd75d06237bce2ebab3e7fb0e2e
-
SHA512
b1ac695da37918f0d194823f29461bd32d6ac01a91d6976757f88aa91fc68346a5842c2b24222001950739767c2098476206717686941dec7114881a13d63dec
-
SSDEEP
768:RNTs2dMw8rorfnmKUMLZNDn/QlgmFIkCd+hNFIktcM9ea5PnOYn6zykNspK6D8L7:RZs4hANDnVJbBvmO0NMm9iCXOjD5fIi
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2