General
-
Target
eda384b6c7545da8e449b2778b94a289_JaffaCakes118
-
Size
100KB
-
Sample
240920-p7h11sxgpk
-
MD5
eda384b6c7545da8e449b2778b94a289
-
SHA1
5eac483bfaf25be3f8aa9fb0759b73a0261e596a
-
SHA256
006ed3742142ad5653ccc38e5b7f1ed3b55bd230b712012a66c279de891a1270
-
SHA512
aecc1e1da2ef952e01905ced7e4512486b1e77ef8a644dbf1d25004be82d9f35d836c906f14c334449ab3c164b7365bcbc1ba306af3823ad29f5c37387afeba8
-
SSDEEP
1536:v5l0ccxBnLLOB+dGrNjjmJ2NuKuFr1M5Br2QbCcIPf:oxB3OB++jOKbSf
Malware Config
Targets
-
-
Target
eda384b6c7545da8e449b2778b94a289_JaffaCakes118
-
Size
100KB
-
MD5
eda384b6c7545da8e449b2778b94a289
-
SHA1
5eac483bfaf25be3f8aa9fb0759b73a0261e596a
-
SHA256
006ed3742142ad5653ccc38e5b7f1ed3b55bd230b712012a66c279de891a1270
-
SHA512
aecc1e1da2ef952e01905ced7e4512486b1e77ef8a644dbf1d25004be82d9f35d836c906f14c334449ab3c164b7365bcbc1ba306af3823ad29f5c37387afeba8
-
SSDEEP
1536:v5l0ccxBnLLOB+dGrNjjmJ2NuKuFr1M5Br2QbCcIPf:oxB3OB++jOKbSf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2