General
-
Target
eda52dc5ca55d40d087dbac5aba60e07_JaffaCakes118
-
Size
60KB
-
Sample
240920-p9w1naxhpq
-
MD5
eda52dc5ca55d40d087dbac5aba60e07
-
SHA1
2b2e9010bc2c5290ae00ccc5c93f489024453f14
-
SHA256
a7882496c4c5f4276adc966d447b25a7e8f8fbc6af8570c7549f3047429d6f61
-
SHA512
0e3e667d338b1815395d809cbe0b1b94b62be03b22dca3a74af4a8d8fbb9294649e3301cd01b112404d400f83d5da329c4dd67cc6b0bb2f6819010eaeae46a91
-
SSDEEP
768:4XampnBeFcpSK6+9A/v/bVlbdfs3OfKDHGIHY56Wf:4XawpSK6y43wY56Wf
Malware Config
Targets
-
-
Target
eda52dc5ca55d40d087dbac5aba60e07_JaffaCakes118
-
Size
60KB
-
MD5
eda52dc5ca55d40d087dbac5aba60e07
-
SHA1
2b2e9010bc2c5290ae00ccc5c93f489024453f14
-
SHA256
a7882496c4c5f4276adc966d447b25a7e8f8fbc6af8570c7549f3047429d6f61
-
SHA512
0e3e667d338b1815395d809cbe0b1b94b62be03b22dca3a74af4a8d8fbb9294649e3301cd01b112404d400f83d5da329c4dd67cc6b0bb2f6819010eaeae46a91
-
SSDEEP
768:4XampnBeFcpSK6+9A/v/bVlbdfs3OfKDHGIHY56Wf:4XawpSK6y43wY56Wf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2