General
-
Target
ece8535874672da03f21503c26f1b2d6_JaffaCakes118
-
Size
124KB
-
Sample
240920-fxfcpszfpc
-
MD5
ece8535874672da03f21503c26f1b2d6
-
SHA1
af9926e907117ad54a25b8d1179ad520b9e7b645
-
SHA256
09c62e8d4e146dd1579bf2ff1e690f2989f297dab2d4d3951e18282cd184803a
-
SHA512
eac6837cc9b8abc7494a1f682370eda33febeb5969c99734ef1d5b9310830686831c7df5a170076e2f3347de226d7d152951040e9fbe65d111c5dbaf0513ee1c
-
SSDEEP
1536:ZDtkjCoAJTQQU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9Ve+NeG0h/x:XkjCoA2QU0GgAT92p
Static task
static1
Behavioral task
behavioral1
Sample
ece8535874672da03f21503c26f1b2d6_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
ece8535874672da03f21503c26f1b2d6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ece8535874672da03f21503c26f1b2d6_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2