General
-
Target
ecf872145315b86a86d93f98ab852f9c_JaffaCakes118
-
Size
152KB
-
Sample
240920-gnhxxascqn
-
MD5
ecf872145315b86a86d93f98ab852f9c
-
SHA1
efe194472d4cb773d0001c2f04daffa6ee79486a
-
SHA256
f0ec15220164af0d0eec9b4fd1044ae4592e32746071275bd94c99b1ccc58d89
-
SHA512
5985c212f6e279a9b3549e335d8433b961dce3771e73c6d38c0aa96423d8591915e89bfc8468a8d3f93c650fb686cfaa4c14bd4a2cb459af72357985998fa84d
-
SSDEEP
3072:15EGIHCzwrCaHHvhtbz0wXtV2eZDEUXni7fo7KSif8xWM33r3k1jTCZX+E5j4oQ:MG+CzwrCW/0AHa8nuo7KSif8xWM33r3B
Static task
static1
Behavioral task
behavioral1
Sample
ecf872145315b86a86d93f98ab852f9c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ecf872145315b86a86d93f98ab852f9c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ecf872145315b86a86d93f98ab852f9c_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)