General
Target: eea305b2805d307df0557ef7fb2d9724_JaffaCakes118
Size: 280KB
Sample: 240920-3epjzstfqg
MD5: eea305b2805d307df0557ef7fb2d9724
SHA1: 916fc2e57f404a0ad1f92b8dd51db8aef1337762
SHA256: 54bf6091e88d6f271a78f41aca9eb9fa201a1ae643103689db530056dd613925
SHA512: d2bdff1aac0d975674f95363aba9ffd0ae11948d9808b19b578e230e1df5f59d671b303720a109ec31f5ce99953d3d3e7339711468785a667fe2f541fb72caa6
SSDEEP: 6144:KIXnIpydVsZyxyK5R8GYKi1Xfvs1tzH51t+ewSReXNc/W:BnuydfiebOiW
Static task: static1
Behavioral task: behavioral1
Sample: eea305b2805d307df0557ef7fb2d9724_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eea305b2805d307df0557ef7fb2d9724_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2