General
-
Target
ee1bc108f7fdec3a742dbdd1f8be21bb_JaffaCakes118
-
Size
156KB
-
Sample
240920-v9h2payhkl
-
MD5
ee1bc108f7fdec3a742dbdd1f8be21bb
-
SHA1
0de1c9f5c5fc4a8f6fc23ecec58390a148945a75
-
SHA256
1892889416518a26e8160da6dea08a5f307e5f34ff96f3eccf48fcf96ec55971
-
SHA512
f641977a88ad4ea58c0e4458c4dbd234f71be37c23a5fd36483216d1b1f1c91a232be52600ebd3e077448947fb7a1ec56ac445192163b2f0b9bf21e8dc5eec60
-
SSDEEP
1536:9S6FmSkLXReN5qNMin5FI4gVeHAQWK6aStFdwRRurNos1LbLkOVv:46wT9TuHMRkpFL/
Malware Config
Targets
-
-
Target
ee1bc108f7fdec3a742dbdd1f8be21bb_JaffaCakes118
-
Size
156KB
-
MD5
ee1bc108f7fdec3a742dbdd1f8be21bb
-
SHA1
0de1c9f5c5fc4a8f6fc23ecec58390a148945a75
-
SHA256
1892889416518a26e8160da6dea08a5f307e5f34ff96f3eccf48fcf96ec55971
-
SHA512
f641977a88ad4ea58c0e4458c4dbd234f71be37c23a5fd36483216d1b1f1c91a232be52600ebd3e077448947fb7a1ec56ac445192163b2f0b9bf21e8dc5eec60
-
SSDEEP
1536:9S6FmSkLXReN5qNMin5FI4gVeHAQWK6aStFdwRRurNos1LbLkOVv:46wT9TuHMRkpFL/
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2