General
Target: ee8bf4756912e005f35770f9b1190415_JaffaCakes118
Size: 192KB
Sample: 240920-2dmhkasapl
MD5: ee8bf4756912e005f35770f9b1190415
SHA1: a7a8343c625d780a02684dc09a2d160388685d5c
SHA256: 437df2518f7916d4e8d0bddfbc9355a2696141da03d0a442305cb2825bd39ab4
SHA512: 30f23b4a3aef4aecede9a0c94198fc993ac1da10730c055d803979243ca7baa6e6abddf6a75702157d5cdef8881b57dc07fca43ae7e02644b6a4edaffad8a266
SSDEEP: 3072:FebBQpjJUhfykwxvGQHhTiZemK/fObT/bGiU7dCyUHb9rXDdcNlXvB:8NOJUARhKK/fObT/bGiUJCyMrXDdcp
Static task: static1
Behavioral task: behavioral1
Sample: ee8bf4756912e005f35770f9b1190415_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ee8bf4756912e005f35770f9b1190415_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)