General
-
Target
ed5c7b77707fb549b01a942353a73607_JaffaCakes118
-
Size
240KB
-
Sample
240920-l56shs1enl
-
MD5
ed5c7b77707fb549b01a942353a73607
-
SHA1
1b04c28f134563f03c3ff6821b12e2e879d842d1
-
SHA256
ba74a6f2c637b54ece8fa3dac523f03dcde4fd2e7b4370e957fb369748ce3169
-
SHA512
53ba6dbc754059fed7045cbb95e4e022ba0a64fafe142d4f4bcdd93976231ad31a1abd5b64dbefc028ff33e2dd8aa4c43593f632bc7263fbf650fe66401f32a1
-
SSDEEP
6144:eUm3dwqsNwemAB0EqxF6snji81RUinKchhyoSQ:OdQQJsn
Static task
static1
Behavioral task
behavioral1
Sample
ed5c7b77707fb549b01a942353a73607_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed5c7b77707fb549b01a942353a73607_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ed5c7b77707fb549b01a942353a73607_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2