General
Target: ed3f45a2be04b59e78b17e8e17269626_JaffaCakes118
Size: 140KB
Sample: 240920-ktmd3ayaqd
MD5: ed3f45a2be04b59e78b17e8e17269626
SHA1: 0a5158a688b08b6b4a91a3522b6ddc73269eb300
SHA256: 911064d52564ea84f288d22b459c64178dbf7fe2aeac2d88728eb11dffcf9090
SHA512: 66f9167c2975999d59aea7a8ff29a1c3f64d11d49e1298384e85bab3cc245d5729c63c3e667670d17c7452dc208cab5e37c695323e2503d9159e06ad6781ddd3
SSDEEP: 1536:tu0FB4TNyLV4Ji2+6wl4fAsyCsJ2AyJOSfNifNuzyWNiEFrsUhKeT4oQu:miCi2+6CXfCZAyJH1i1uz3iE5j4oQu
Static task: static1
Behavioral task: behavioral1
Sample: ed3f45a2be04b59e78b17e8e17269626_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ed3f45a2be04b59e78b17e8e17269626_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ed3f45a2be04b59e78b17e8e17269626_JaffaCakes118
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2