General
-
Target
ecc8dd9821a402c10a3848b92f677a33_JaffaCakes118
-
Size
232KB
-
Sample
240920-eckagsxajc
-
MD5
ecc8dd9821a402c10a3848b92f677a33
-
SHA1
9335233aaa7524ea91b373de0fe941c9018eb1c9
-
SHA256
b4a9c7b5652b69243fd2f410ddf9dd7da20e1fb537359542b8df87fde013de91
-
SHA512
8fb3b7c9fa08980781dfbda276252565698f2731b5ee2a9631cb4cd3b7f5dc06e8136132ee8225e1ccc190ac05c470fcfe38f1131f363285ac9cb374c08d43fe
-
SSDEEP
6144:W3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxkuq/:0PhJuBXVbkxJq/
Static task
static1
Behavioral task
behavioral1
Sample
ecc8dd9821a402c10a3848b92f677a33_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ecc8dd9821a402c10a3848b92f677a33_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ecc8dd9821a402c10a3848b92f677a33_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)