General
-
Target
ee836b38037930a2dfc39676f0ee44b8_JaffaCakes118
-
Size
88KB
-
Sample
240920-1zffps1cjm
-
MD5
ee836b38037930a2dfc39676f0ee44b8
-
SHA1
ba107021d8c3fca82313dc78c64526d33bd9aa0f
-
SHA256
60a9edae44a04938a2bfbf5a0f10378739b185f3ab55610fbf1ae2045e2d0051
-
SHA512
dc8e7de0f90389ad1e65940849c698f425c47aa181c62369ae85dacd61b446ccfe28194a8109f1c2f1503b3cb245f01da66cbaa5a6cf7e36b4121a1acdcfef11
-
SSDEEP
768:vDFIjMEddaqnObOasGEwU8Z1Rbe2kjEQJQ1H7a8zFkzqcw+4O:ZIIxiCU8Z1QjEQJecw+
Static task
static1
Behavioral task
behavioral1
Sample
ee836b38037930a2dfc39676f0ee44b8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ee836b38037930a2dfc39676f0ee44b8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ee836b38037930a2dfc39676f0ee44b8_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2