General
-
Target
ecd8c44620c73417e9540f0dbe7e66dc_JaffaCakes118
-
Size
132KB
-
Sample
240920-e5t1dsyhln
-
MD5
ecd8c44620c73417e9540f0dbe7e66dc
-
SHA1
1ddb77402193d8f1ca2c1d903384176b90db86eb
-
SHA256
46cd363e1b4781338e3fb7069df14a1e19d883e0fff06a618bd46c37269def61
-
SHA512
36ecff2c185a423e1ed7247e8161274c468efa618870d5dc295d5b8ed08141f0ef3f3697a470a14421eef3e2e3709eabba6a416764d896c14c30f9b478268d6b
-
SSDEEP
1536:mEm4B/TZH6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:dB/TZH63qEbBkn4e2s/HmlTfdwQL
Malware Config
Targets
-
-
Target
ecd8c44620c73417e9540f0dbe7e66dc_JaffaCakes118
-
Size
132KB
-
MD5
ecd8c44620c73417e9540f0dbe7e66dc
-
SHA1
1ddb77402193d8f1ca2c1d903384176b90db86eb
-
SHA256
46cd363e1b4781338e3fb7069df14a1e19d883e0fff06a618bd46c37269def61
-
SHA512
36ecff2c185a423e1ed7247e8161274c468efa618870d5dc295d5b8ed08141f0ef3f3697a470a14421eef3e2e3709eabba6a416764d896c14c30f9b478268d6b
-
SSDEEP
1536:mEm4B/TZH6rM2qEbBkIvI4DyQDIws/HmmYbRdfuL0wo7JaS1:dB/TZH63qEbBkn4e2s/HmlTfdwQL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2