General
-
Target
ee16787448f3ef127e0326920e1e812d_JaffaCakes118
-
Size
124KB
-
Sample
240920-v2pjhaybkb
-
MD5
ee16787448f3ef127e0326920e1e812d
-
SHA1
ae7f7c3a9881f5483f5cbf2b7904f1f9ce286952
-
SHA256
a30661455a0bb18f626176fbd00e6628438d8bbc1ca7451439031ed13202dbf5
-
SHA512
ac82c53e20a6e49c4eb1fcd9bf4a9eac91adf8ff83075d20767e375006259284098a1506345b46429383705c8ef9d733fc3a346245c3f8ffbe0b5ead6bf093d3
-
SSDEEP
3072:ICcjiBKYK3vXvOG2RdYjH08qdLxilMiyfwAfGxMwV:5cgKYK3vXWG4mzQLxilMiyfwAfGx
Malware Config
Targets
-
-
Target
ee16787448f3ef127e0326920e1e812d_JaffaCakes118
-
Size
124KB
-
MD5
ee16787448f3ef127e0326920e1e812d
-
SHA1
ae7f7c3a9881f5483f5cbf2b7904f1f9ce286952
-
SHA256
a30661455a0bb18f626176fbd00e6628438d8bbc1ca7451439031ed13202dbf5
-
SHA512
ac82c53e20a6e49c4eb1fcd9bf4a9eac91adf8ff83075d20767e375006259284098a1506345b46429383705c8ef9d733fc3a346245c3f8ffbe0b5ead6bf093d3
-
SSDEEP
3072:ICcjiBKYK3vXvOG2RdYjH08qdLxilMiyfwAfGxMwV:5cgKYK3vXWG4mzQLxilMiyfwAfGx
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2