General
-
Target
eda9af60aedff23e13dce0da64d09d03_JaffaCakes118
-
Size
124KB
-
Sample
240920-qgkycsxhmc
-
MD5
eda9af60aedff23e13dce0da64d09d03
-
SHA1
f95b4c220679bdaa247f3673bfe2af95c5c3a6e5
-
SHA256
24bcaee225c177c6cf8f40d9ec91d15d7e50b8df1d4d229fd324d8c262793e5b
-
SHA512
cb2e70e91edf7480f7f9ff98cf7c8c59c4cdf2ca0527b0bc817f5fd7a300a8c908571b31ef997235f2ed885470bdbcc101d59cacc184380654dbf20d7d2c7f28
-
SSDEEP
1536:qiEk4wR5uBxLDtVdHa27J14lWxporZ45i8NeG0h/E:ZEk4wR5kLt6gJ1uPt45OM
Static task
static1
Behavioral task
behavioral1
Sample
eda9af60aedff23e13dce0da64d09d03_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
eda9af60aedff23e13dce0da64d09d03_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eda9af60aedff23e13dce0da64d09d03_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2