General
-
Target
edcb5fa46b43641afec907ffd37e5efd_JaffaCakes118
-
Size
192KB
-
Sample
240920-rvxdzs1hlj
-
MD5
edcb5fa46b43641afec907ffd37e5efd
-
SHA1
d07b5cebb96a6869d5fbaef3c6b86f38cc288c61
-
SHA256
5851e8a330c25469ffafb14510ffa72cc3e565332b869f5c5d151fd46f1ef2ac
-
SHA512
e028d854c525afaf24c6367cf7b7405e35837b5fea842d30bad4db6ded8c95a8ec4889761b6baaa015f6bd6cb7e09bbc41747ef7964f990602482f259c4bf663
-
SSDEEP
3072:QhrpAZQzuua+ev8vCQAmI1W6snovRjvsThGszqwQ5zIM3QnbMhHLQLkUsvV6Gmj8:QuQzWP8tC1W6snovRjvsThGszqwQ5zIM
Malware Config
Targets
-
-
Target
edcb5fa46b43641afec907ffd37e5efd_JaffaCakes118
-
Size
192KB
-
MD5
edcb5fa46b43641afec907ffd37e5efd
-
SHA1
d07b5cebb96a6869d5fbaef3c6b86f38cc288c61
-
SHA256
5851e8a330c25469ffafb14510ffa72cc3e565332b869f5c5d151fd46f1ef2ac
-
SHA512
e028d854c525afaf24c6367cf7b7405e35837b5fea842d30bad4db6ded8c95a8ec4889761b6baaa015f6bd6cb7e09bbc41747ef7964f990602482f259c4bf663
-
SSDEEP
3072:QhrpAZQzuua+ev8vCQAmI1W6snovRjvsThGszqwQ5zIM3QnbMhHLQLkUsvV6Gmj8:QuQzWP8tC1W6snovRjvsThGszqwQ5zIM
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2