General
-
Target
edecbdfbce5fbd4dcb1f14ce49c5008c_JaffaCakes118
-
Size
248KB
-
Sample
240920-taedsavdpk
-
MD5
edecbdfbce5fbd4dcb1f14ce49c5008c
-
SHA1
bb0d31da961bfc41284211c5db4bf9d01e540904
-
SHA256
255d46c2723dc77928bf61d6ecbf5c530239016e2bb8d611085a5d67f0d76648
-
SHA512
c3ed192deeaf9c5eee40bd9103f6b472b99e9d4f22911069b5a80dc53fe6537548591996bdef5c75f09ddd6b5945eb749486f694df3c3ce443c7b8436d175c16
-
SSDEEP
6144:ZjuR3lhBYdaE+XiBwP5RfAlmJotHiPrAqlxxGJjGFPZEDsqgnWflJUi:ZjullhGdaE+XiBwP5RYy+jGR0g6ld
Malware Config
Targets
-
-
Target
edecbdfbce5fbd4dcb1f14ce49c5008c_JaffaCakes118
-
Size
248KB
-
MD5
edecbdfbce5fbd4dcb1f14ce49c5008c
-
SHA1
bb0d31da961bfc41284211c5db4bf9d01e540904
-
SHA256
255d46c2723dc77928bf61d6ecbf5c530239016e2bb8d611085a5d67f0d76648
-
SHA512
c3ed192deeaf9c5eee40bd9103f6b472b99e9d4f22911069b5a80dc53fe6537548591996bdef5c75f09ddd6b5945eb749486f694df3c3ce443c7b8436d175c16
-
SSDEEP
6144:ZjuR3lhBYdaE+XiBwP5RfAlmJotHiPrAqlxxGJjGFPZEDsqgnWflJUi:ZjullhGdaE+XiBwP5RYy+jGR0g6ld
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2