General
Target: ed9dbd4a93c78ce6885d3d9da907622a_JaffaCakes118
Size: 144KB
Sample: 240920-pyrxkaxalf
MD5: ed9dbd4a93c78ce6885d3d9da907622a
SHA1: 16ebc32c86b28bd6cf5fcf8ea00e263387308583
SHA256: a5c3dc362b6e3e7171375e5a4f60260e9f09cfd4df819e7f4cfb2b54fd630621
SHA512: 1140d1c56bbdcb6e13b4477551873a6054855d43a22a8d929dc5cd1f6385cf8a70d9e0d44bb91093700cdaab890867a9566134fd4269b620e6d3cee91513eec8
SSDEEP: 3072:xin6lcWd5gVUL5mynf1lFCm8hlJvzMwgv21A4oQZiEd8GF:xin521Cm8hlJvzMwgvhWH88
Static task: static1
Behavioral task: behavioral1
Sample: ed9dbd4a93c78ce6885d3d9da907622a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ed9dbd4a93c78ce6885d3d9da907622a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ed9dbd4a93c78ce6885d3d9da907622a_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Hide Artifacts: 1
    Hidden Files and Directories: 1
  Modify Registry: 2