General
-
Target
ed3cd15674746cf9759ebcbbd7b0cb57_JaffaCakes118
-
Size
216KB
-
Sample
240920-kqcqfsyckp
-
MD5
ed3cd15674746cf9759ebcbbd7b0cb57
-
SHA1
0bd9e20d78d0718353571f09b6e11f9fc8fbc640
-
SHA256
a75ee72181ba77f7633cdd9fb5a1b721a78832b225d72a9506baf3b94fadee4a
-
SHA512
16968a1584aae221610bfedebe942f360184c9a70ced26a5cae658bcdd0173d1c1f2bd12f30723ed78fb01c05a892457e5900905fc9c2abcbf888fa198bb115f
-
SSDEEP
3072:fYDaMKXuxxnM3/7eFE+S2/goM2IFNGzBkl9sLn:Qz/nM36q+VM2CWs9A
Static task
static1
Behavioral task
behavioral1
Sample
ed3cd15674746cf9759ebcbbd7b0cb57_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed3cd15674746cf9759ebcbbd7b0cb57_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ed3cd15674746cf9759ebcbbd7b0cb57_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2