General
-
Target
ed365f9ce575d165acf32578898f8bae_JaffaCakes118
-
Size
228KB
-
Sample
240920-kf4fesxdng
-
MD5
ed365f9ce575d165acf32578898f8bae
-
SHA1
7eb672055ec59827ef5173e37741ce6133a1bf1a
-
SHA256
bea39053fa2a3936601b9277d8226eb3a98618a87f84f7c666ce1aecf3df8b8d
-
SHA512
66ee326c3de6cbc0d225c968b592f9fd63d6e380a9db230cf36f3aae53e76d33394719a1f3d25e156947c978c6720bfff9f4cf226601159c0a58a3bb7afd49e5
-
SSDEEP
6144:wKXG3dwqsNy5ibpNjlDEqxF6snji81RUinKNCO9:FXkdQxlC
Malware Config
Targets
-
-
Target
ed365f9ce575d165acf32578898f8bae_JaffaCakes118
-
Size
228KB
-
MD5
ed365f9ce575d165acf32578898f8bae
-
SHA1
7eb672055ec59827ef5173e37741ce6133a1bf1a
-
SHA256
bea39053fa2a3936601b9277d8226eb3a98618a87f84f7c666ce1aecf3df8b8d
-
SHA512
66ee326c3de6cbc0d225c968b592f9fd63d6e380a9db230cf36f3aae53e76d33394719a1f3d25e156947c978c6720bfff9f4cf226601159c0a58a3bb7afd49e5
-
SSDEEP
6144:wKXG3dwqsNy5ibpNjlDEqxF6snji81RUinKNCO9:FXkdQxlC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2