General
Target: ed7b43b9fa826550f49e89e1c29b4771_JaffaCakes118
Size: 312KB
Sample: 240920-nkbgzstgql
MD5: ed7b43b9fa826550f49e89e1c29b4771
SHA1: 4f1980f203d2223f00e20d68fe966f2352a186c5
SHA256: c85d036dfadff22ab5696e81add0902c6fc66b5ef7f8bf86a31fc4db5b031557
SHA512: 2c39551fed4e9816c391d8d2ac32af85cd52a559abafa6cf34364066e843f1c18a1a69ad29dd46ac52b734df8e5fde509c1e750dc2f4b8743682eeea75151341
SSDEEP: 6144:el7ZvTlIpr1f+XqO5aOmSGFDbeOjLPmU2gF:epTlIB1f+55SpNPmU7F
Static task: static1
Behavioral task: behavioral1
Sample: ed7b43b9fa826550f49e89e1c29b4771_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ed7b43b9fa826550f49e89e1c29b4771_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2