General
-
Target
ecff8a5e6c057c70770c641341abf5a4_JaffaCakes118
-
Size
116KB
-
Sample
240920-g1k8sssdla
-
MD5
ecff8a5e6c057c70770c641341abf5a4
-
SHA1
346d149dd7c10b80101375e6dce742209575f9dc
-
SHA256
7c4c3abdc880698dfcf4153bb92bfb340b479553cb3b300981b362c7676fae16
-
SHA512
a19e0851afe18dac6fd16184cd0056468a8bf390b00a21b29342b0f39f7a4008b2300263eeb8867e91d2681d936447ac373f69580f3c706007563dfe9ce35046
-
SSDEEP
1536:HPMxBc+AgYh8Kw6KBOcW4Z8HO1Zwt0f4HfDUEdMOPy9sbgNRwo7JaSi:vM7AgSfcr1ZoDUEdgwQU
Static task
static1
Behavioral task
behavioral1
Sample
ecff8a5e6c057c70770c641341abf5a4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ecff8a5e6c057c70770c641341abf5a4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ecff8a5e6c057c70770c641341abf5a4_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2