General
-
Target
ee76d371e2c9cb396729cd6d670a03f6_JaffaCakes118
-
Size
212KB
-
Sample
240920-1ezc3szbjj
-
MD5
ee76d371e2c9cb396729cd6d670a03f6
-
SHA1
78cfb2a08fd4571f054b244083bead9dd0cc9bb3
-
SHA256
3954a9208126fbc7d8d492a070a4997623c57dcf82c67beebeb7685b36b9f4b7
-
SHA512
4424aeb7f5189fa3d96ff3f203006deb6850107771983a6b412e5595e21805ef152036f6b4c2b0a67141f79610d5c7d161e0eb96ab75473054c6ff5c81a5ace4
-
SSDEEP
6144:4CKHFwzWQrO8J0bqihew3b7KvfCBnn78MDxG6oRKnvmb7/D26NhHmpfXJNRYK:nKHFwC8J0egew3bevfY78MDxG6oRKnvP
Static task
static1
Behavioral task
behavioral1
Sample
ee76d371e2c9cb396729cd6d670a03f6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee76d371e2c9cb396729cd6d670a03f6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ee76d371e2c9cb396729cd6d670a03f6_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)