General
Target: eac88f439a17a1635e4aec685607c00c_JaffaCakes118
Size: 216KB
Sample: 240919-hhlx2svhqd
MD5: eac88f439a17a1635e4aec685607c00c
SHA1: 74582e0561b8de8e935d5c0761443274c0ef20a2
SHA256: 8eb6024b7e5209b8715e52c1616fb7484a4ef76c38f0e87661a283ef0cc25fbf
SHA512: da01b7b3d03caf4d5669706139129963a761a1c819a796c354a625d8e887359441b6b45f9cad18bddfd69c43b07c87ca46280e9ba14fb665be20b0a664788e50
SSDEEP: 3072:Z2993+BKwcyAHtyU472ydQs1Vsd0WpPGFobtkBdk3ENwE:xBtR6EUEQs1VseWpPGFobC3k3EN5
Static task: static1
Behavioral task: behavioral1
Sample: eac88f439a17a1635e4aec685607c00c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eac88f439a17a1635e4aec685607c00c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: eac88f439a17a1635e4aec685607c00c_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2