General
-
Target
edb73b3859228cb8c4965431a634120f_JaffaCakes118
-
Size
288KB
-
Sample
240920-q12p8azcmq
-
MD5
edb73b3859228cb8c4965431a634120f
-
SHA1
56127eca1b73adff0e1215784dcce6926fee3082
-
SHA256
79519fd70af8a8dabeff6dd36bdf791c6a973474fb41a9ea2bdd3d36ef478d2b
-
SHA512
db0bbf4addbcc2faadb000c9e217fd757af6ec3efb3af6c9a2e3165acccd4d33fbdacf73b1fb3631488730f9da9d2520ca6a706c3fba5a9285ed3745054c6305
-
SSDEEP
6144:U6XiUvbGuOdn9Z/QmO6Ckobf3fGCmahGLtEU:yUvbGuYnXQmO6Ckobf3fGCmahpU
Static task
static1
Behavioral task
behavioral1
Sample
edb73b3859228cb8c4965431a634120f_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
edb73b3859228cb8c4965431a634120f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
edb73b3859228cb8c4965431a634120f_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2