General
-
Target
edd1824ba775f9af12fe5e3015a039e3_JaffaCakes118
-
Size
240KB
-
Sample
240920-r4g1na1hnc
-
MD5
edd1824ba775f9af12fe5e3015a039e3
-
SHA1
e9e29d3cfca9ac2a30aee821f2dd12e74b6d32e8
-
SHA256
9e428646d05b8fd49c634f65509d3d5c334bab113cbc1ff44d1ff396c4f06db7
-
SHA512
5d19640cef000f0223caad43e05af1ca690b46f355841677ce6f5be92a0e0f0a48fe23ad1f997811b022faa5cd14169ca4cba8f06e305079b4bed4e9db96d298
-
SSDEEP
6144:Xf3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliD3:XfdQKjeaEEpz
Malware Config
Targets
-
-
Target
edd1824ba775f9af12fe5e3015a039e3_JaffaCakes118
-
Size
240KB
-
MD5
edd1824ba775f9af12fe5e3015a039e3
-
SHA1
e9e29d3cfca9ac2a30aee821f2dd12e74b6d32e8
-
SHA256
9e428646d05b8fd49c634f65509d3d5c334bab113cbc1ff44d1ff396c4f06db7
-
SHA512
5d19640cef000f0223caad43e05af1ca690b46f355841677ce6f5be92a0e0f0a48fe23ad1f997811b022faa5cd14169ca4cba8f06e305079b4bed4e9db96d298
-
SSDEEP
6144:Xf3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliD3:XfdQKjeaEEpz
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2