General
-
Target
ead362a5695e74f29d3900b7e8eba368_JaffaCakes118
-
Size
100KB
-
Sample
240919-h1t2daxanl
-
MD5
ead362a5695e74f29d3900b7e8eba368
-
SHA1
5b599443e51d6f7a411591fadda7511a8a41a142
-
SHA256
476cae816871b60860cba937fdc8c99d65de35bbe1da2eb2c2774dc3d40fa429
-
SHA512
fd6908b9e7158ba80f2f1ff39ca657065d28842ddfe3855df5b71b4cbee97aaee5b6e046533418083f66014d44b31bbfda54e6e09977d3757f86c8e38438b31d
-
SSDEEP
1536:zgtGP82NTzwT3mMGAc4ohrPXo+73Rez8b0SyKNIjnZrJ:jwTZurPX7CKCnlJ
Static task
static1
Behavioral task
behavioral1
Sample
ead362a5695e74f29d3900b7e8eba368_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ead362a5695e74f29d3900b7e8eba368_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ead362a5695e74f29d3900b7e8eba368_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)