General
-
Target
eacbd21b64ff72559ab5eedcd804cf3b_JaffaCakes118
-
Size
128KB
-
Sample
240919-hnkbeawejp
-
MD5
eacbd21b64ff72559ab5eedcd804cf3b
-
SHA1
4a311b1fd872435025387673a23ef26888dcb800
-
SHA256
7a9c6bb5183335b9650b0186a86de7c0f4a06529c056da928c2715802200bbde
-
SHA512
7412d761e358df8c26c90f08473e64da885c32f9a45dc17e2c92f4d2de1afb8e008e3879f836917d78723a6c752371348894822ad002b3061207f8f55a5cbbab
-
SSDEEP
3072:/Mxi0mTSIMu94ji3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmR:UopTSIMbi3yGFInRO
Static task
static1
Behavioral task
behavioral1
Sample
eacbd21b64ff72559ab5eedcd804cf3b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eacbd21b64ff72559ab5eedcd804cf3b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eacbd21b64ff72559ab5eedcd804cf3b_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2