General
Target: ed50ed33a0148cdc1dae7d51b8c699dc_JaffaCakes118
Size: 232KB
Sample: 240920-lmg2fazfnl
MD5: ed50ed33a0148cdc1dae7d51b8c699dc
SHA1: 2eb11386d8a08cee6cf8c016d7a6930cd5932a17
SHA256: 17177fe989833070fab5f1711b79d80a4e546cb0f20d1bf5faae8e3522181da0
SHA512: 246cad65a0d7ccfbb0d3d8cb6742af034b012babd0e69a754c6d8fc841b2559b2e78d77fdc3facb9a5cee326730d49935da9805695c8559a1e6496cdf39b5576
SSDEEP: 6144:Bbd3PFKs7STL6eEqxF6snji81RUinKn3Kt+dNFEFE:HPhPDF6E
Static task: static1
Behavioral task: behavioral1
Sample: ed50ed33a0148cdc1dae7d51b8c699dc_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ed50ed33a0148cdc1dae7d51b8c699dc_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2