General
-
Target
edb7ad18f9659ea43d276e0127f84699_JaffaCakes118
-
Size
212KB
-
Sample
240920-q2pr2syhre
-
MD5
edb7ad18f9659ea43d276e0127f84699
-
SHA1
216d0aae334a0fe830672c12f8624d0f8e384ab7
-
SHA256
56100a5f702563f6985e62a25af7bc3ffcd3e306e62c5eca3036f8aebbd62d98
-
SHA512
ee25948f71e256d7e699e6e88fdc22dac985a8711a46754e30cc5e339aa097f4704092b3af59c78553d83b6ecf923c93ee570d714aff55045801d35c912a7603
-
SSDEEP
6144:+RpD+AFwzWQJheLz+PTbCH74/gvjUsCFKnvmb7/D260RFeG2H4Xxze1ILweo8Vn1:UDTFweOPTbCH74/gvjUsCFKnvmb7/D2p
Malware Config
Targets
-
-
Target
edb7ad18f9659ea43d276e0127f84699_JaffaCakes118
-
Size
212KB
-
MD5
edb7ad18f9659ea43d276e0127f84699
-
SHA1
216d0aae334a0fe830672c12f8624d0f8e384ab7
-
SHA256
56100a5f702563f6985e62a25af7bc3ffcd3e306e62c5eca3036f8aebbd62d98
-
SHA512
ee25948f71e256d7e699e6e88fdc22dac985a8711a46754e30cc5e339aa097f4704092b3af59c78553d83b6ecf923c93ee570d714aff55045801d35c912a7603
-
SSDEEP
6144:+RpD+AFwzWQJheLz+PTbCH74/gvjUsCFKnvmb7/D260RFeG2H4Xxze1ILweo8Vn1:UDTFweOPTbCH74/gvjUsCFKnvmb7/D2p
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2