General
-
Target
ed572c1682b61609ccb134a1ec1ea237_JaffaCakes118
-
Size
248KB
-
Sample
240920-lww7qazhjf
-
MD5
ed572c1682b61609ccb134a1ec1ea237
-
SHA1
82349ace6581662b669a204c0f0dad9708af70a2
-
SHA256
0483d47a450834fe37a10cc931e3d9d9bb3b31884f20074ac17c63eb31cdc8ec
-
SHA512
341d6a71488a7faf373feef7f08e72fe5ed436beb64f57f689656e0593cb39bc0f9a06428b4a56edadce249cfb7d67686574aa5c7742652f3c898f6305efe96d
-
SSDEEP
6144:pDM5CElofkFWQPtnRneqAKnvmb7/D269fgwMty0e6ndv0Dj:pI5CLkFfnRnWKnvmb7/D26qndv0Dj
Malware Config
Targets
-
-
Target
ed572c1682b61609ccb134a1ec1ea237_JaffaCakes118
-
Size
248KB
-
MD5
ed572c1682b61609ccb134a1ec1ea237
-
SHA1
82349ace6581662b669a204c0f0dad9708af70a2
-
SHA256
0483d47a450834fe37a10cc931e3d9d9bb3b31884f20074ac17c63eb31cdc8ec
-
SHA512
341d6a71488a7faf373feef7f08e72fe5ed436beb64f57f689656e0593cb39bc0f9a06428b4a56edadce249cfb7d67686574aa5c7742652f3c898f6305efe96d
-
SSDEEP
6144:pDM5CElofkFWQPtnRneqAKnvmb7/D269fgwMty0e6ndv0Dj:pI5CLkFfnRnWKnvmb7/D26qndv0Dj
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2