General
-
Target
ed944035d31f2f0404ac6153ef13439c_JaffaCakes118
-
Size
100KB
-
Sample
240920-pkzp9awfqk
-
MD5
ed944035d31f2f0404ac6153ef13439c
-
SHA1
05d9103db20e45082821f55363ace2737ba2cdd3
-
SHA256
0900bdd0701e14a674c4872d82138a97b907db981866633d6cf6d9f243def4ed
-
SHA512
bd104b6b83ac08019d88a89511dbdb11e173340dd0126728f4cfdb4f1de4c0db5497bed4e9e9bb50d2467a373f271ed9d8a925a61d0ca2f6ce61b07be542085e
-
SSDEEP
1536:Zit8iAuismyws3hAeLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5Uf1NIjnZ5:oOe/KLOM52Cnr
Malware Config
Targets
-
-
Target
ed944035d31f2f0404ac6153ef13439c_JaffaCakes118
-
Size
100KB
-
MD5
ed944035d31f2f0404ac6153ef13439c
-
SHA1
05d9103db20e45082821f55363ace2737ba2cdd3
-
SHA256
0900bdd0701e14a674c4872d82138a97b907db981866633d6cf6d9f243def4ed
-
SHA512
bd104b6b83ac08019d88a89511dbdb11e173340dd0126728f4cfdb4f1de4c0db5497bed4e9e9bb50d2467a373f271ed9d8a925a61d0ca2f6ce61b07be542085e
-
SSDEEP
1536:Zit8iAuismyws3hAeLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5Uf1NIjnZ5:oOe/KLOM52Cnr
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2