General
-
Target
ecdbec48db0d4c53951a59ee3e1bfd05_JaffaCakes118
-
Size
92KB
-
Sample
240920-fa67xazbnl
-
MD5
ecdbec48db0d4c53951a59ee3e1bfd05
-
SHA1
9cd259cd9dfa2a5b48a0bd9e6faa63ff6fa98d28
-
SHA256
de9b8601dede5ba58d0f350b351d38ff2d9b1afa56d5cdb5cca4788871f3d8f1
-
SHA512
f1b6e8bb74d63158f7157922d63f52052d9cc8d1471265f34f10b547e9549608e1a8e4f6f9f3aa9918d11e36d340e168bb6e0599d3bd21731cbc8b57b13f6724
-
SSDEEP
1536:SHjxd88gC8UeIXcBnSxrwNCs1qPerIfynVDiC1M1p1w1s1h1R15UVnV4kTbcu:kxeC8UepnSxrwNCs1qPb5Ur4QF
Static task
static1
Behavioral task
behavioral1
Sample
ecdbec48db0d4c53951a59ee3e1bfd05_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ecdbec48db0d4c53951a59ee3e1bfd05_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ecdbec48db0d4c53951a59ee3e1bfd05_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)