General
-
Target
edbe52aa3594574b537d8446bd1dd80e_JaffaCakes118
-
Size
420KB
-
Sample
240920-ra56dszekc
-
MD5
edbe52aa3594574b537d8446bd1dd80e
-
SHA1
a384b5830c86af82f1d7d62670451f0d9896cbc5
-
SHA256
1b0cbb9ae11eb8197bc6889b5420b9f20669d878a5f53526ee2cd7d58498df36
-
SHA512
484f82a782427eb086c56f1e467cf024ed3d5a9b1d4af82575ab70b3b4ef8622dab8786f11ed12b45c313cde5ca94a56879f0c9cae63ad974ee5e6df58b373ed
-
SSDEEP
6144:ywWJjjqFk7qFoQudlhiP5+6yCtfGiICZFGu:yfK2QudeYryF7
Static task
static1
Behavioral task
behavioral1
Sample
edbe52aa3594574b537d8446bd1dd80e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
edbe52aa3594574b537d8446bd1dd80e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
edbe52aa3594574b537d8446bd1dd80e_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2