General
-
Target
edd1db2e552d6aa30b5d93c45902eb13_JaffaCakes118
-
Size
124KB
-
Sample
240920-r47w3sscrn
-
MD5
edd1db2e552d6aa30b5d93c45902eb13
-
SHA1
a0467645490f597d9bf093def1df602a6cc4854c
-
SHA256
6812d2c2854fc754f8e8f67a0bb3dc610a221723412ba415673b193b15f24a53
-
SHA512
a4e27a1cf4f5c1f81a5ee1db174b7e2bc9e0d4d89aee959b17302b4d59f0c9580d1e1b57601e064861e6611ce973690a983bbc5ea6d6b759b593fcf00ad577e8
-
SSDEEP
1536:p9tkjHTQ1DU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VeMNeG0h/E:Nkj01DU0GgAT9gM
Static task
static1
Behavioral task
behavioral1
Sample
edd1db2e552d6aa30b5d93c45902eb13_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
edd1db2e552d6aa30b5d93c45902eb13_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
edd1db2e552d6aa30b5d93c45902eb13_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)