General
Target
eacf86f7aaeaafc2d0b1d251d2bfd268_JaffaCakes118
Size
60KB
Sample
240919-htqelswgjp
MD5
eacf86f7aaeaafc2d0b1d251d2bfd268
SHA1
1e1954090eaf0564ff967d193aeed85a56d29749
SHA256
d0b392679c03f5d51f01a12f1ff67b25ccb5142636ad2739e061a2cb61d158c4
SHA512
e0eda05a76da27e06eac7d5ec1d144ad2f509ef385711d784291d0e660501edcb7bb790fe7237199c236335e86c8b0cc146394a4824b342221beed1f5110ead6
SSDEEP
768:QQCyAcbrJ7z0JJm2dSUMAWkUcbTmFIkNcSFIkid+J9KOe8rgYn6IR4WspB6W8Lx+:nAcxUDsjtVmkSem0NMJ6XtFIewD
Static task
static1
Behavioral task
behavioral1
Sample
eacf86f7aaeaafc2d0b1d251d2bfd268_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eacf86f7aaeaafc2d0b1d251d2bfd268_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
eacf86f7aaeaafc2d0b1d251d2bfd268_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2