General
-
Target
edb84156d358a4c6ba67615f0919153e_JaffaCakes118
-
Size
132KB
-
Sample
240920-q3fwjazalc
-
MD5
edb84156d358a4c6ba67615f0919153e
-
SHA1
3abfe1f412583d7e26a2c9feabfca412bcb97c87
-
SHA256
7f048b734a80c987e5831b3aa35b1b445bef67e7f14b3ed5c367ff48ea03228a
-
SHA512
b9dfbe81c6d74d96227fadf6a0bc49a39b69cad2cb05f34b0904aacbfa56364af7fea738639b3b8b5c11844c861b62ff3ea8e4d721dca27eb27fd7b2ace56581
-
SSDEEP
3072:1anf/j6NUf6VRlxzhPak8LXo46sBizQimB:m/jiUSVPxNPaLLXoNii8iI
Malware Config
Targets
-
-
Target
edb84156d358a4c6ba67615f0919153e_JaffaCakes118
-
Size
132KB
-
MD5
edb84156d358a4c6ba67615f0919153e
-
SHA1
3abfe1f412583d7e26a2c9feabfca412bcb97c87
-
SHA256
7f048b734a80c987e5831b3aa35b1b445bef67e7f14b3ed5c367ff48ea03228a
-
SHA512
b9dfbe81c6d74d96227fadf6a0bc49a39b69cad2cb05f34b0904aacbfa56364af7fea738639b3b8b5c11844c861b62ff3ea8e4d721dca27eb27fd7b2ace56581
-
SSDEEP
3072:1anf/j6NUf6VRlxzhPak8LXo46sBizQimB:m/jiUSVPxNPaLLXoNii8iI
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2