General
-
Target
eddb4eb195024878bf4d1833d282f6bd_JaffaCakes118
-
Size
248KB
-
Sample
240920-sjh8nasfma
-
MD5
eddb4eb195024878bf4d1833d282f6bd
-
SHA1
cefe34a0fd052712083940b3c513bc5a8eaef5cb
-
SHA256
1ec1ef07bb9711b7d54827182e09f938a236f43d871e4885bd1ec7521662a6c5
-
SHA512
181d78a34b19a7fee09446748102890399754d7b58e188c13c375d8e5f3e083c7d7280d5623ddcc29acfc0b0a2e04984fa078ae0a3ee4b106ee17cda3ff76f0d
-
SSDEEP
1536:2rIP+ObSj0IaxamasaXaq4noBU66yVZxrkEhj7:+I210O7
Malware Config
Targets
-
-
Target
eddb4eb195024878bf4d1833d282f6bd_JaffaCakes118
-
Size
248KB
-
MD5
eddb4eb195024878bf4d1833d282f6bd
-
SHA1
cefe34a0fd052712083940b3c513bc5a8eaef5cb
-
SHA256
1ec1ef07bb9711b7d54827182e09f938a236f43d871e4885bd1ec7521662a6c5
-
SHA512
181d78a34b19a7fee09446748102890399754d7b58e188c13c375d8e5f3e083c7d7280d5623ddcc29acfc0b0a2e04984fa078ae0a3ee4b106ee17cda3ff76f0d
-
SSDEEP
1536:2rIP+ObSj0IaxamasaXaq4noBU66yVZxrkEhj7:+I210O7
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2