General
Target: ed248d8fe54eac0ea1d621a64458f741_JaffaCakes118
Size: 240KB
Sample: 240920-jqmpzswflq
MD5: ed248d8fe54eac0ea1d621a64458f741
SHA1: 39a5fdd3bf859f8d070aa8711840de0e9adba08a
SHA256: 0b72e88881deffb77d3be760a4a94dec6256e0c6cf2afcd35c4fe93e55ff2730
SHA512: 806153467898e365a19ec01407f5b60cd22c93771c397298e30c5397849154152b006bce6850e4a971a1174f8a95416215937180f10e08ed2a5f5540126d6332
SSDEEP: 6144:bu3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDIS:bcdQKjeaEEpd
Static task: static1
Behavioral task: behavioral1
Sample: ed248d8fe54eac0ea1d621a64458f741_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: ed248d8fe54eac0ea1d621a64458f741_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ed248d8fe54eac0ea1d621a64458f741_JaffaCakes118
Score: 10/10
- Modifies visibility of hidden/system files in Explorer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2