General
-
Target
ed8618d7a9a6316139fd6e215f6968cc_JaffaCakes118
-
Size
144KB
-
Sample
240920-n2jvpavcpb
-
MD5
ed8618d7a9a6316139fd6e215f6968cc
-
SHA1
b2d82bc666e1160e97fb9f455f437df0e56e582e
-
SHA256
d306131f9b010706bd78b831f72b7a19c6a1c66f9f7dbdd06e7bf25e935163e9
-
SHA512
a348887c67c3a9c2d0e0d145a878af57f97ca8c9a6395602e97f6ca7921a8480bd483a7d32947ea6fe3af59c99b3e47b4175a3665e9d0a7b83a6a16d4c8b2939
-
SSDEEP
3072:uDr1wKcEUqZhplZRC7/veXx8pUPkDRcrLNqYeWI+VU:u3mlEUqzPZ8eXx8pUsDRcHNVeW
Malware Config
Targets
-
-
Target
ed8618d7a9a6316139fd6e215f6968cc_JaffaCakes118
-
Size
144KB
-
MD5
ed8618d7a9a6316139fd6e215f6968cc
-
SHA1
b2d82bc666e1160e97fb9f455f437df0e56e582e
-
SHA256
d306131f9b010706bd78b831f72b7a19c6a1c66f9f7dbdd06e7bf25e935163e9
-
SHA512
a348887c67c3a9c2d0e0d145a878af57f97ca8c9a6395602e97f6ca7921a8480bd483a7d32947ea6fe3af59c99b3e47b4175a3665e9d0a7b83a6a16d4c8b2939
-
SSDEEP
3072:uDr1wKcEUqZhplZRC7/veXx8pUPkDRcrLNqYeWI+VU:u3mlEUqzPZ8eXx8pUsDRcHNVeW
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2