General
-
Target
ee869b815d4a23c592728a337210c930_JaffaCakes118
-
Size
100KB
-
Sample
240920-148m2s1emm
-
MD5
ee869b815d4a23c592728a337210c930
-
SHA1
1ffa749a0e1a352d9350c0bb25c039e0d6ca720b
-
SHA256
db02d6dad69e5635f30a29ec5b3002e080c2905190841bb8dee9f83f2e634fda
-
SHA512
640b496762be3584a8b410eb5d5017565dc5f760141987ea778f96975ae967b0c75ed7e7842bf2e1b136c65f16c6b5afd753494e5267d267f419bf1e1800120d
-
SSDEEP
1536:GRtG182NTzwboGHMGAc4ohrPXo+73Rez8b0Sy2NIjnZMd:Hw8TurPX7C2Cned
Malware Config
Targets
-
-
Target
ee869b815d4a23c592728a337210c930_JaffaCakes118
-
Size
100KB
-
MD5
ee869b815d4a23c592728a337210c930
-
SHA1
1ffa749a0e1a352d9350c0bb25c039e0d6ca720b
-
SHA256
db02d6dad69e5635f30a29ec5b3002e080c2905190841bb8dee9f83f2e634fda
-
SHA512
640b496762be3584a8b410eb5d5017565dc5f760141987ea778f96975ae967b0c75ed7e7842bf2e1b136c65f16c6b5afd753494e5267d267f419bf1e1800120d
-
SSDEEP
1536:GRtG182NTzwboGHMGAc4ohrPXo+73Rez8b0Sy2NIjnZMd:Hw8TurPX7C2Cned
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2