General
-
Target
ec98e947c035958dd64b32723a496a46_JaffaCakes118
-
Size
96KB
-
Sample
240920-b6ys7asene
-
MD5
ec98e947c035958dd64b32723a496a46
-
SHA1
906ab1dd447727a6382fcc7899ab44755eac17d4
-
SHA256
485b2bf81173611f61d14bfe10e36da595f343e63d2f272f548829c071b6e8db
-
SHA512
563d9c7716e1dd783d9004f41316bc424f48c3bf918e4ec27f2af1af4373f5275054faf1a61e2bdb4b5a9be7dabf18ce8d91e3d1e5305c25c6682f40e1e78997
-
SSDEEP
1536:PD+Eg52o9tyVQO8P8ych0wjj3RJNEo/knRzdnynE7RldNEP8lijOezNIjnZA4:PqE/oelychJzR3Ek65RldqzCnS4
Malware Config
Targets
-
-
Target
ec98e947c035958dd64b32723a496a46_JaffaCakes118
-
Size
96KB
-
MD5
ec98e947c035958dd64b32723a496a46
-
SHA1
906ab1dd447727a6382fcc7899ab44755eac17d4
-
SHA256
485b2bf81173611f61d14bfe10e36da595f343e63d2f272f548829c071b6e8db
-
SHA512
563d9c7716e1dd783d9004f41316bc424f48c3bf918e4ec27f2af1af4373f5275054faf1a61e2bdb4b5a9be7dabf18ce8d91e3d1e5305c25c6682f40e1e78997
-
SSDEEP
1536:PD+Eg52o9tyVQO8P8ych0wjj3RJNEo/knRzdnynE7RldNEP8lijOezNIjnZA4:PqE/oelychJzR3Ek65RldqzCnS4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2