General
Target: ecb54a427fbc430830a40f7a295808c0_JaffaCakes118
Size: 172KB
Sample: 240920-de939awaql
MD5: ecb54a427fbc430830a40f7a295808c0
SHA1: 79d95fe1249e4592315ad006b76dbbba8b97fbea
SHA256: bcb356b82e48c2c7afa2a7529a7a978aa69377a2cdff1db01440517b2d562d48
SHA512: 7b31dedc53ec2291912692730adcddf057070c9fe3ed327b93458badc3df71c741829a0f2e18b6f0bebcb5f8ed7a87ff8e66af806b1da88c6df2c3cc2ffe63ac
SSDEEP: 3072:76FonoVD8oSx/mvXAFIFR7Nzim04f1fhLOG7GQiCLMt8Xt/Wv6mgeM:7koUD8oSx/mvXAFIFR7N7DfhhLOG7GQe
Static task: static1
Behavioral task: behavioral1
Sample: ecb54a427fbc430830a40f7a295808c0_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ecb54a427fbc430830a40f7a295808c0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ecb54a427fbc430830a40f7a295808c0_JaffaCakes118
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2