General
-
Target
ed551a99efc3c917abce90998bba42ae_JaffaCakes118
-
Size
268KB
-
Sample
240920-ls2m2a1akm
-
MD5
ed551a99efc3c917abce90998bba42ae
-
SHA1
981303a3a118bef40f9bac77602a9f7a4351e5d3
-
SHA256
c70a4538918dc27b29d252fd4f512a6bcee03dddbb848e1a0552f089437f84bc
-
SHA512
93079b28cc604d9b558c8162177d36ec071e33e9d570871e77f3386dc945c62b9772448bc4c08a47b2e7364c12240663e3d45388f4a70a4117cda97448910435
-
SSDEEP
3072:awFnF+yCzH1byNVxBIYwwsw5R7KzPjjUQNMhBBj7yhHCnEkb+UxmPDe/kS5TgPRB:aE+1H1by5FwnKuOj7QinNP/kQTcKJ+U
Malware Config
Targets
-
-
Target
ed551a99efc3c917abce90998bba42ae_JaffaCakes118
-
Size
268KB
-
MD5
ed551a99efc3c917abce90998bba42ae
-
SHA1
981303a3a118bef40f9bac77602a9f7a4351e5d3
-
SHA256
c70a4538918dc27b29d252fd4f512a6bcee03dddbb848e1a0552f089437f84bc
-
SHA512
93079b28cc604d9b558c8162177d36ec071e33e9d570871e77f3386dc945c62b9772448bc4c08a47b2e7364c12240663e3d45388f4a70a4117cda97448910435
-
SSDEEP
3072:awFnF+yCzH1byNVxBIYwwsw5R7KzPjjUQNMhBBj7yhHCnEkb+UxmPDe/kS5TgPRB:aE+1H1by5FwnKuOj7QinNP/kQTcKJ+U
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2