General
-
Target
ec7d1689b0fdfe63b198a63aebf58f46_JaffaCakes118
-
Size
100KB
-
Sample
240920-avpkpszcql
-
MD5
ec7d1689b0fdfe63b198a63aebf58f46
-
SHA1
045e95381d217b0d68af76719526847e1f21d965
-
SHA256
e580a037c4fe13e25c55d1fff54c181fa8fa0cde660a1da2faa952624fd92d6a
-
SHA512
f6785cb6ff2b59ca8b232bc0bd4a511c2e2a18ff8c72ac437fbebaca1a9d092761e5f3d7f7cc3f8d9de25c49d0e45a46dd0bcca45e5ce3977b4aa84003b3cd7e
-
SSDEEP
1536:RxWbcX220mQCamxJKIRGWcOUP7vXArnY1ZqAefzyesdNIjnZag:PnQ9NAfzye6Cnsg
Malware Config
Targets
-
-
Target
ec7d1689b0fdfe63b198a63aebf58f46_JaffaCakes118
-
Size
100KB
-
MD5
ec7d1689b0fdfe63b198a63aebf58f46
-
SHA1
045e95381d217b0d68af76719526847e1f21d965
-
SHA256
e580a037c4fe13e25c55d1fff54c181fa8fa0cde660a1da2faa952624fd92d6a
-
SHA512
f6785cb6ff2b59ca8b232bc0bd4a511c2e2a18ff8c72ac437fbebaca1a9d092761e5f3d7f7cc3f8d9de25c49d0e45a46dd0bcca45e5ce3977b4aa84003b3cd7e
-
SSDEEP
1536:RxWbcX220mQCamxJKIRGWcOUP7vXArnY1ZqAefzyesdNIjnZag:PnQ9NAfzye6Cnsg
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2