General
-
Target
ec947434856d25da15a60bb2ce17963b_JaffaCakes118
-
Size
204KB
-
Sample
240920-bzr23asbld
-
MD5
ec947434856d25da15a60bb2ce17963b
-
SHA1
8915eef72a462f57e2747fc76bffa3da10518fd7
-
SHA256
ae0735bff6bab3fe8590d914c1867e1a0f75b17a062efd9b67920b9d9d61fb61
-
SHA512
d607d87c19cc62c5607837020196378ccb27adee2261a3caa41708fc364079cc63ab6eaaf059667de966ccfed38ddda99f598343ec8a0f6105e46c5c75d59f89
-
SSDEEP
6144:QsQigcZrSlO3OW80Nr0SkA6XLeLGvUjouMdDrz:QsQrcVSlW80N4SkA6yKUjouM1rz
Static task
static1
Behavioral task
behavioral1
Sample
ec947434856d25da15a60bb2ce17963b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ec947434856d25da15a60bb2ce17963b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ec947434856d25da15a60bb2ce17963b_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2