General
-
Target
eabd8606d82f67994ec01c72b2e50380_JaffaCakes118
-
Size
188KB
-
Sample
240919-gzd34avbjd
-
MD5
eabd8606d82f67994ec01c72b2e50380
-
SHA1
9eda9466d1ae9803d4b6bf837167334a5c489253
-
SHA256
24308e7a24ba586a8ff0460b74164c40893736349d453ba1e25c27ead16177c1
-
SHA512
cc83354609ae6a79b39d0481f220043434bf98bd16bb2750c845e0730e1c975836963c4d055a36464464fe5ecc0d425f3717909a657091600e7a3c15da236b92
-
SSDEEP
3072:6j47OnQqQ7b4zxMJsSmJ6nTQFlKRilqoq6v/W:R9qM4zk0cqfMotG
Malware Config
Targets
-
-
Target
eabd8606d82f67994ec01c72b2e50380_JaffaCakes118
-
Size
188KB
-
MD5
eabd8606d82f67994ec01c72b2e50380
-
SHA1
9eda9466d1ae9803d4b6bf837167334a5c489253
-
SHA256
24308e7a24ba586a8ff0460b74164c40893736349d453ba1e25c27ead16177c1
-
SHA512
cc83354609ae6a79b39d0481f220043434bf98bd16bb2750c845e0730e1c975836963c4d055a36464464fe5ecc0d425f3717909a657091600e7a3c15da236b92
-
SSDEEP
3072:6j47OnQqQ7b4zxMJsSmJ6nTQFlKRilqoq6v/W:R9qM4zk0cqfMotG
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2