General
-
Target
ecbaf9be2acc4e048f7232d9863f2cc4_JaffaCakes118
-
Size
96KB
-
Sample
240920-dpqscswdmq
-
MD5
ecbaf9be2acc4e048f7232d9863f2cc4
-
SHA1
62edcd8e591f6c4af563aca8880d1f971250f26d
-
SHA256
b005fdba5ebb141529874fc6143a7cde45111f694a8b3a97ccf28e3685c049cb
-
SHA512
f294f6220306abf53b1d90a8bdb36bb26a9a66172f624a16e44afb2565f6f4a65b9dc5fb17bab46b378a85a34909b3dfdf22b556e3ee6e76600176e84a740d2c
-
SSDEEP
1536:P22Eg52k9tyVQO8P8ychtwjj3RJNEo/knRzdnynE7RldNEP8lijOezNIjnZLL:PNE/kelychEzR3Ek65RldqzCn9L
Malware Config
Targets
-
-
Target
ecbaf9be2acc4e048f7232d9863f2cc4_JaffaCakes118
-
Size
96KB
-
MD5
ecbaf9be2acc4e048f7232d9863f2cc4
-
SHA1
62edcd8e591f6c4af563aca8880d1f971250f26d
-
SHA256
b005fdba5ebb141529874fc6143a7cde45111f694a8b3a97ccf28e3685c049cb
-
SHA512
f294f6220306abf53b1d90a8bdb36bb26a9a66172f624a16e44afb2565f6f4a65b9dc5fb17bab46b378a85a34909b3dfdf22b556e3ee6e76600176e84a740d2c
-
SSDEEP
1536:P22Eg52k9tyVQO8P8ychtwjj3RJNEo/knRzdnynE7RldNEP8lijOezNIjnZLL:PNE/kelychEzR3Ek65RldqzCn9L
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2