General
-
Target
eeab610470ed5b6147ed9e7a2a9d0328_JaffaCakes118
-
Size
67KB
-
Sample
240920-3sh95avdng
-
MD5
eeab610470ed5b6147ed9e7a2a9d0328
-
SHA1
edf6be4af459bed42c79491484c26a8cf90e2783
-
SHA256
a8278a9570246fa1b33f1392ecd438c39668950cfe04e7623646a1efea674b28
-
SHA512
0a1131450550c2c2aa4269e7fb07ca89a725de28f415ccb0bc389086340e9b9961e0a8f7002839b97e31ab837f77ad3910e07cd9ece954340d6fabeec0a847ac
-
SSDEEP
768:eRZ+QyvhsvgOpU/WGGIegFDhNmvdMYXqYt1NEDIefZsD:eHzvgO2/rEgzNLoZt1y
Static task
static1
Behavioral task
behavioral1
Sample
eeab610470ed5b6147ed9e7a2a9d0328_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
eeab610470ed5b6147ed9e7a2a9d0328_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
eeab610470ed5b6147ed9e7a2a9d0328_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2