General
-
Target
ed19ac5502adc95fcf5ac182c3ce46d7_JaffaCakes118
-
Size
364KB
-
Sample
240920-h8qnxsvcqg
-
MD5
ed19ac5502adc95fcf5ac182c3ce46d7
-
SHA1
230be06754207e64ada2257d3ed322489d33e841
-
SHA256
c509cf4af1a4a90c4f033958c91b81ecbd34e24a809b8f30527d2fa5150389db
-
SHA512
7cb83452fa2e958a3ee5ce3ca43a90fb8947e4b095ac2d174136cad4bf211a235f750d9a04eab5f9871910ce53e78f0593037fdfe630533295d4172abab672ec
-
SSDEEP
3072:Q7mnHu8P/S45MA0DqpvNImSDXhEYAoRyl7Ywm5JSUn/YiSB8RLh3Tn5FcoOp:KmKABoEJouYwGJr/Z3TnsoM
Static task
static1
Behavioral task
behavioral1
Sample
ed19ac5502adc95fcf5ac182c3ce46d7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed19ac5502adc95fcf5ac182c3ce46d7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ed19ac5502adc95fcf5ac182c3ce46d7_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2