General
-
Target
eb728cbc66d82da2a837539a50d4d0d8_JaffaCakes118
-
Size
140KB
-
Sample
240919-qx8dla1hpm
-
MD5
eb728cbc66d82da2a837539a50d4d0d8
-
SHA1
76fe02456ab472041242a055b8964e21327fa2e4
-
SHA256
11f1accbff549ad0041142a13c44fa88e80205ac155d28ce0e70b26c3f1f2065
-
SHA512
b0d2f98e1efda9d00721e37b6c4554a3bdc51ff73fd1fdf00f2b3590e296676caa023a0d3ad31edabf188101177518896e3f73d6f9a19d78e9cddef5d18f298e
-
SSDEEP
768:zBq0pll6yt4pd04q0zik+vhy7g0EM/LinbQe4bKG:doeEn3+pCg0EUGQe42G
Malware Config
Targets
-
-
Target
eb728cbc66d82da2a837539a50d4d0d8_JaffaCakes118
-
Size
140KB
-
MD5
eb728cbc66d82da2a837539a50d4d0d8
-
SHA1
76fe02456ab472041242a055b8964e21327fa2e4
-
SHA256
11f1accbff549ad0041142a13c44fa88e80205ac155d28ce0e70b26c3f1f2065
-
SHA512
b0d2f98e1efda9d00721e37b6c4554a3bdc51ff73fd1fdf00f2b3590e296676caa023a0d3ad31edabf188101177518896e3f73d6f9a19d78e9cddef5d18f298e
-
SSDEEP
768:zBq0pll6yt4pd04q0zik+vhy7g0EM/LinbQe4bKG:doeEn3+pCg0EUGQe42G
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2