General
-
Target
ee0c7e41c26f3b7f391d06ae0dac37d5_JaffaCakes118
-
Size
96KB
-
Sample
240920-vmhseaxcph
-
MD5
ee0c7e41c26f3b7f391d06ae0dac37d5
-
SHA1
90c3731410705db1d5e7a7dd060af86fee336581
-
SHA256
3bac6c9110097348e3ee7f544d6f54bb80b8c5b00e1b163cd2504e5aa08fdc2d
-
SHA512
ad4f755c21e58042d3ac2a0ef2d5d8d830262c10df5a2e2e4a04d88f23b223ef2242cbe2d4695593ea8e29d2194e65770e99f50e7def6156815f683cfb5da75b
-
SSDEEP
1536:f0CEg52D9tyVQO8P8ychNwjj3RJNEo/knRzdnynE7RldNEP8lijOevNIjnZK:fbE/DelychkzR3Ek65RldqvCnA
Static task
static1
Behavioral task
behavioral1
Sample
ee0c7e41c26f3b7f391d06ae0dac37d5_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee0c7e41c26f3b7f391d06ae0dac37d5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ee0c7e41c26f3b7f391d06ae0dac37d5_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2