General
-
Target
eda6e58af1b4b78c707d1f94684d0d88_JaffaCakes118
-
Size
56KB
-
Sample
240920-qckrssxfre
-
MD5
eda6e58af1b4b78c707d1f94684d0d88
-
SHA1
fa404edc7f7c735aa35a6f55eb2c9966e477eeb4
-
SHA256
ba1f8f9d04d169e67487c022ecf9ba11dfd4df1c1cc5522190cf7d08bcae2433
-
SHA512
d3d2123cb4b8118de33490de7b19a07f9bba12addb4630b825c14c1c79d9607a4d5bdf615c5e92e17b696ad25b777ac3efe45443601a78aae98d39ea5cf07d01
-
SSDEEP
768:mwH9PIz0iVYw1orGZIf0mq/6/Q/9NF0+LEc8af3ts0E9F:mdzZ2LA2q2oS+Ljb3ts0E9F
Malware Config
Targets
-
-
Target
eda6e58af1b4b78c707d1f94684d0d88_JaffaCakes118
-
Size
56KB
-
MD5
eda6e58af1b4b78c707d1f94684d0d88
-
SHA1
fa404edc7f7c735aa35a6f55eb2c9966e477eeb4
-
SHA256
ba1f8f9d04d169e67487c022ecf9ba11dfd4df1c1cc5522190cf7d08bcae2433
-
SHA512
d3d2123cb4b8118de33490de7b19a07f9bba12addb4630b825c14c1c79d9607a4d5bdf615c5e92e17b696ad25b777ac3efe45443601a78aae98d39ea5cf07d01
-
SSDEEP
768:mwH9PIz0iVYw1orGZIf0mq/6/Q/9NF0+LEc8af3ts0E9F:mdzZ2LA2q2oS+Ljb3ts0E9F
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2