General
-
Target
ee87bfbfdfa896daebe01f7fa7f4f5b6_JaffaCakes118
-
Size
168KB
-
Sample
240920-167hrs1flj
-
MD5
ee87bfbfdfa896daebe01f7fa7f4f5b6
-
SHA1
c3c3c5c10a2b63cde85b8890f5132d7cf05cbaa2
-
SHA256
b33ad3d40338cf365b57a313e3453a106f4cb434856cf0bc70ac906b675febe7
-
SHA512
5ab3d0191c604e76ac694348f2764689a62134f71e127b65f09bdbce4d20784845715429120fddd37394cb579ceb05e8628cf4df5b822ea5912f873b1231a2dc
-
SSDEEP
1536:9zsulp5+eroCqSaWi1BmQT8gEA2ibO/aDyrOt80BRU1sHzsNfB5R1RcP:R+CzXa
Malware Config
Targets
-
-
Target
ee87bfbfdfa896daebe01f7fa7f4f5b6_JaffaCakes118
-
Size
168KB
-
MD5
ee87bfbfdfa896daebe01f7fa7f4f5b6
-
SHA1
c3c3c5c10a2b63cde85b8890f5132d7cf05cbaa2
-
SHA256
b33ad3d40338cf365b57a313e3453a106f4cb434856cf0bc70ac906b675febe7
-
SHA512
5ab3d0191c604e76ac694348f2764689a62134f71e127b65f09bdbce4d20784845715429120fddd37394cb579ceb05e8628cf4df5b822ea5912f873b1231a2dc
-
SSDEEP
1536:9zsulp5+eroCqSaWi1BmQT8gEA2ibO/aDyrOt80BRU1sHzsNfB5R1RcP:R+CzXa
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2