General
Target: ed222014f500ad5b050997413a8841cb_JaffaCakes118
Size: 152KB
Sample: 240920-jme6qswdqp
MD5: ed222014f500ad5b050997413a8841cb
SHA1: ae132f6af7ef18e5c1338e3d87146a259388113e
SHA256: e69235394a9fb89b9dffc8caa2f7ca4682d9fa891fc379514aa5e7c40f012be2
SHA512: fb39d32a239f1790d03b87b9d94ebe032e476f2aba63ccd1ba39954b8872ac5b8deff17332388355380dfcde342ac0e1a8c52445dbdf0e9d457013b07a467644
SSDEEP: 3072:hMGuPYYh0Zr+K+7DxNUbaxIcz93bOButK+ZAok:Jr+7DxVh3bHp1k
Static task: static1
Behavioral task: behavioral1
Sample: ed222014f500ad5b050997413a8841cb_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: ed222014f500ad5b050997413a8841cb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)