General
-
Target
ed9f7a0516013b514212e62606b55892_JaffaCakes118
-
Size
96KB
-
Sample
240920-p133lsxblg
-
MD5
ed9f7a0516013b514212e62606b55892
-
SHA1
e8a7b6470acfa94e4aa55c6f43ecdb94abfbbf1e
-
SHA256
3bcbd163fea5e7861365369a281a14e0e3c7a26ef4ad70838ef2329ce8539dfb
-
SHA512
61c3f581b2bca02533cf84bc6fffbf32801b18f662c36475c8303a0bd26b41501254df7c0afaf0b809b84c10ccea9c4c3ba50c40f7de7edfa86d228aa53357bc
-
SSDEEP
1536:n5Eg5299tyVQO8P8ychFwjj3RJNEo/knRzdnynE7RldNEP8lijOe6NIjP:5E/9elychszR3Ek65Rldq6CP
Static task
static1
Behavioral task
behavioral1
Sample
ed9f7a0516013b514212e62606b55892_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed9f7a0516013b514212e62606b55892_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ed9f7a0516013b514212e62606b55892_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2