General
-
Target
ebe5c752f7c5b2e8a7cfa571e987590c_JaffaCakes118
-
Size
240KB
-
Sample
240919-wlyynssbmb
-
MD5
ebe5c752f7c5b2e8a7cfa571e987590c
-
SHA1
669ae19a3e0dafd6e52a95509166ac3432cd0127
-
SHA256
ff012f8cef34fbedb5e204751bd626ca6389058fced989e5188117f712ec7fd5
-
SHA512
fca3e8121b74356770ec415cd8814d64e9fdeb81a6037f3d0869043be9cd7a9e3bdd7f4e54accdd357504372445cf3e53dc7ecddf8edb039286c8ae737bbb759
-
SSDEEP
6144:tM3dwqsNTNEXGlQRayEqxF6snji81RUinKq3aEEoliDpi:tWdQKj3aEEjs
Static task
static1
Behavioral task
behavioral1
Sample
ebe5c752f7c5b2e8a7cfa571e987590c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ebe5c752f7c5b2e8a7cfa571e987590c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ebe5c752f7c5b2e8a7cfa571e987590c_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)