General
-
Target
ec92e9eb2231220832c7b5b5034aeac5_JaffaCakes118
-
Size
184KB
-
Sample
240920-bwzyha1hqh
-
MD5
ec92e9eb2231220832c7b5b5034aeac5
-
SHA1
1f7a4b301e00d059db55ad8ce0ae7c6319855681
-
SHA256
0887b0246e607cbfa58dd2fa590c0a5e636fa1f71df19758f942803bb5fb62cc
-
SHA512
f7ce9756613c8076349e9dcaac20f5948cc364a21c3d4adb6840a37187bd03bd4e5c4228af70e19345a05b292ee27c919998093062ff35e759f104474f8c3a98
-
SSDEEP
3072:QRnLzFbyZMgSuuj6Uq6EGtCLBnkczjLqXs0EIdVzDH:6Vuulq6YLBNzjLLwXz7
Malware Config
Targets
-
-
Target
ec92e9eb2231220832c7b5b5034aeac5_JaffaCakes118
-
Size
184KB
-
MD5
ec92e9eb2231220832c7b5b5034aeac5
-
SHA1
1f7a4b301e00d059db55ad8ce0ae7c6319855681
-
SHA256
0887b0246e607cbfa58dd2fa590c0a5e636fa1f71df19758f942803bb5fb62cc
-
SHA512
f7ce9756613c8076349e9dcaac20f5948cc364a21c3d4adb6840a37187bd03bd4e5c4228af70e19345a05b292ee27c919998093062ff35e759f104474f8c3a98
-
SSDEEP
3072:QRnLzFbyZMgSuuj6Uq6EGtCLBnkczjLqXs0EIdVzDH:6Vuulq6YLBNzjLLwXz7
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2