General
-
Target
ed40353b6074ea6981cf06e56149e16c_JaffaCakes118
-
Size
212KB
-
Sample
240920-kv5xssyejk
-
MD5
ed40353b6074ea6981cf06e56149e16c
-
SHA1
1f9aceb8bc3b0da04566b9f92f507b343da30461
-
SHA256
1d7225d27307efd4c729d76a03269d7a2f28bf9cec2f9fd9d688132c5d0f0b1b
-
SHA512
5c2356f7b33059a0eb68af02d90858e3bc76d78fe78c4b81cea56e45cee105c41af56a4e4d63892e0cc08256ad3b819d1e6b5504cd79870b72fc0f65eafaa53a
-
SSDEEP
6144:UCKOFwzWQVO8J0bqihew3b7KvfCBnn78MDxG6oRKnvmb7/D26NhHmpfXJNRXV:LKOFw88J0egew3bevfY78MDxG6oRKnvD
Static task
static1
Behavioral task
behavioral1
Sample
ed40353b6074ea6981cf06e56149e16c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed40353b6074ea6981cf06e56149e16c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ed40353b6074ea6981cf06e56149e16c_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)