General
-
Target
eacdc92f07f34dfddff6596a4faa0634_JaffaCakes118
-
Size
220KB
-
Sample
240919-hq9dbawfkq
-
MD5
eacdc92f07f34dfddff6596a4faa0634
-
SHA1
a56f22bb6038ea251e1eb4d64351f94260d563b4
-
SHA256
5a348a9fe409f49d013cea56a4f5a0e3d9f84014f55e32cac1645b40ee710ffd
-
SHA512
8c84cf24ed8fedd00728b2939f76ba8238756fd6448cf9238151152483b64194b018d796d84e899d9f8ca2ff59f8b2febfce3ca85aa05b3817b2316f4002ac4e
-
SSDEEP
3072:J/R1SrCkY8YUL4qx9RIHgil3UuhSa3U3dD8d6Oy+MIrnj3JjND:D1Smkx15x9SHVeOjf
Static task
static1
Behavioral task
behavioral1
Sample
eacdc92f07f34dfddff6596a4faa0634_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
eacdc92f07f34dfddff6596a4faa0634_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
eacdc92f07f34dfddff6596a4faa0634_JaffaCakes118
-
Size
220KB
-
MD5
eacdc92f07f34dfddff6596a4faa0634
-
SHA1
a56f22bb6038ea251e1eb4d64351f94260d563b4
-
SHA256
5a348a9fe409f49d013cea56a4f5a0e3d9f84014f55e32cac1645b40ee710ffd
-
SHA512
8c84cf24ed8fedd00728b2939f76ba8238756fd6448cf9238151152483b64194b018d796d84e899d9f8ca2ff59f8b2febfce3ca85aa05b3817b2316f4002ac4e
-
SSDEEP
3072:J/R1SrCkY8YUL4qx9RIHgil3UuhSa3U3dD8d6Oy+MIrnj3JjND:D1Smkx15x9SHVeOjf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2