General
-
Target
ee77982c3052e2a93ba1e4dc289eed69_JaffaCakes118
-
Size
172KB
-
Sample
240920-1f1yasyhnc
-
MD5
ee77982c3052e2a93ba1e4dc289eed69
-
SHA1
c9c4b8ef7453d6e1dadefc6f1612a88465806e2c
-
SHA256
1ab90639a5a412160f73e15711834e6aa4d2bf33581564a3bfe89ed248f70637
-
SHA512
582914822eb13a6610d1cbfcb6fd6f6d451d2437cd2390a84e150ea678e7b577e3477e6979c8def2aa2d8b0604775970896f95d8a10bb4739e9085d8402cc4c5
-
SSDEEP
3072:HViUvJtIiLSo6I290h+k4Lrng8y+cwTFEwnZBhN3pq+bjEZk1bLM+Ex+05lHzgTZ:HsgIYSo6I290h+k4Lrng8yJwTFEwnpNw
Static task
static1
Behavioral task
behavioral1
Sample
ee77982c3052e2a93ba1e4dc289eed69_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee77982c3052e2a93ba1e4dc289eed69_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)