General
-
Target
ed6bdb776f446b1d22a6f72bd5ae4ed7_JaffaCakes118
-
Size
100KB
-
Sample
240920-mwgbyasfqr
-
MD5
ed6bdb776f446b1d22a6f72bd5ae4ed7
-
SHA1
bfc676bb8d8d4ddcd8ea891320fc116d6c0a83b4
-
SHA256
d746663183173501a8916ccfc7c5956de74fca82d98d1f27285c1a98cf0c7846
-
SHA512
8897d883520c17f1226f676eb89ee00e0f5a8bc6f6f6aa7b8bb9699ae591444be68080611002249b971941df02aad7c8dcaa1e6b9730e743f77d02d99e54c874
-
SSDEEP
1536:AOt0282NTjwqBLGZcYADZPU1+73mDe8b0HyYNIjnZrJ:7wqggZPU7rYCnlJ
Static task
static1
Behavioral task
behavioral1
Sample
ed6bdb776f446b1d22a6f72bd5ae4ed7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed6bdb776f446b1d22a6f72bd5ae4ed7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ed6bdb776f446b1d22a6f72bd5ae4ed7_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2