General
-
Target
ecd471f4a10c5b47f80596b11c414515_JaffaCakes118
-
Size
188KB
-
Sample
240920-eym89syarc
-
MD5
ecd471f4a10c5b47f80596b11c414515
-
SHA1
199b1d0d627807b02ddf54d8a31355b19659e676
-
SHA256
114a7e165cf55a1eb663f361276083880d0c3cd8b01978d53966e58b45d84ee9
-
SHA512
58a85570b9abbee11bb5397589bc1986ade76fdacac7ce0c1a2ef9392e2833e734170a2fe586b0e405cb7315b501f8aa17588f927cfeec5d387406489a4bc501
-
SSDEEP
3072:Hj4SvdQqQ7b4zxMJsSmJMnTQFlKRilqoq6v/:8DqM4zk02qfMot
Static task
static1
Behavioral task
behavioral1
Sample
ecd471f4a10c5b47f80596b11c414515_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ecd471f4a10c5b47f80596b11c414515_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ecd471f4a10c5b47f80596b11c414515_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2