General
-
Target
ee8a494dfbfd65f97acb826cced3869c_JaffaCakes118
-
Size
240KB
-
Sample
240920-2a6r2a1hnj
-
MD5
ee8a494dfbfd65f97acb826cced3869c
-
SHA1
a3114f06d908d169b3c8abd954b6e742fbe4d83f
-
SHA256
3feed94f5efd6e562a46a93f937dc2a50d402115614146c441856f78363c25e7
-
SHA512
873b24927ca969228657ac9eaeef9b9da12394ac61a3b47ae05cdebcce6d1344e656321943b16df77725a9e44843a9b4adf036d7afff44baa63f926a00ebda07
-
SSDEEP
6144:1UM3dwqsNwemAB0EqxF6snji81RUinKchhyZS3E:1dQQJsAU
Malware Config
Targets
-
-
Target
ee8a494dfbfd65f97acb826cced3869c_JaffaCakes118
-
Size
240KB
-
MD5
ee8a494dfbfd65f97acb826cced3869c
-
SHA1
a3114f06d908d169b3c8abd954b6e742fbe4d83f
-
SHA256
3feed94f5efd6e562a46a93f937dc2a50d402115614146c441856f78363c25e7
-
SHA512
873b24927ca969228657ac9eaeef9b9da12394ac61a3b47ae05cdebcce6d1344e656321943b16df77725a9e44843a9b4adf036d7afff44baa63f926a00ebda07
-
SSDEEP
6144:1UM3dwqsNwemAB0EqxF6snji81RUinKchhyZS3E:1dQQJsAU
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2