General
-
Target
ee0ba09af8a44fbaf785252c806de6af_JaffaCakes118
-
Size
132KB
-
Sample
240920-vlbbyaxcjh
-
MD5
ee0ba09af8a44fbaf785252c806de6af
-
SHA1
a0fe476ec752dc49d85bb04f875fa102a2714d80
-
SHA256
0469a592f34cfcd3350a77e0889f4eb633f2985a0efbdb42d9f58a6578f074c7
-
SHA512
6eec55e272e0fe28a0db9ccc97b72e212e95d2139702d087a767d804c0772910d0d7522835a5d7cfd2d246f39e0e97096e0dbc1de42272e6efd321b838e64228
-
SSDEEP
1536:NOxPYeTIpdhqXFixXVG4e2JLBJ3Ue05znybzPe9j+wo7JaS4:mYeTIpSFixFG4e1ybGKwQq
Malware Config
Targets
-
-
Target
ee0ba09af8a44fbaf785252c806de6af_JaffaCakes118
-
Size
132KB
-
MD5
ee0ba09af8a44fbaf785252c806de6af
-
SHA1
a0fe476ec752dc49d85bb04f875fa102a2714d80
-
SHA256
0469a592f34cfcd3350a77e0889f4eb633f2985a0efbdb42d9f58a6578f074c7
-
SHA512
6eec55e272e0fe28a0db9ccc97b72e212e95d2139702d087a767d804c0772910d0d7522835a5d7cfd2d246f39e0e97096e0dbc1de42272e6efd321b838e64228
-
SSDEEP
1536:NOxPYeTIpdhqXFixXVG4e2JLBJ3Ue05znybzPe9j+wo7JaS4:mYeTIpSFixFG4e1ybGKwQq
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2