General
-
Target
ee7fd1a22144cd3ea20097521ee1f117_JaffaCakes118
-
Size
232KB
-
Sample
240920-1tbkkazhkm
-
MD5
ee7fd1a22144cd3ea20097521ee1f117
-
SHA1
53c170c4b3b128c84d2bf702a45e39d9dbb4f248
-
SHA256
776a175e53788fe68eb6cd7cded075e19a09ae2b3b36ab6e5cfd62314c8c3c1c
-
SHA512
62de6a3ef0c3d8823e383d0c594f0aa4805a2b951c2b2ac9e1f11f4ca08051691b40642e34148d9f839709fd1c68c2034d7c50eba83a5fd6e27fc13adf0b2f4b
-
SSDEEP
6144:Lyr3PFKs78vpRTlEqxF6snji81RUinKbLUa:8Phpl
Static task
static1
Behavioral task
behavioral1
Sample
ee7fd1a22144cd3ea20097521ee1f117_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee7fd1a22144cd3ea20097521ee1f117_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)