General
-
Target
ee0fde1ffa3a56b7e9e8466b54fc1cd9_JaffaCakes118
-
Size
240KB
-
Sample
240920-vr9fxsxerf
-
MD5
ee0fde1ffa3a56b7e9e8466b54fc1cd9
-
SHA1
e69dda5bfd6d115df13daa0ad34fc21e3719a42d
-
SHA256
1f598d7eec5d0c8a73747661edacc709be7c218003c6a5d050fb2a13aecdb8ea
-
SHA512
31f6704cdbad4e832ec171953e48ff83c14076860e10d994c90457ed467ab9f24dfa2df650374dc614742b1f30177a90f5266b3abf02c59e3a276aafb98c020d
-
SSDEEP
6144:fUM3dwqsNwemAB0EqxF6snji81RUinKchhyrSQ:ndQQJsm
Malware Config
Targets
-
-
Target
ee0fde1ffa3a56b7e9e8466b54fc1cd9_JaffaCakes118
-
Size
240KB
-
MD5
ee0fde1ffa3a56b7e9e8466b54fc1cd9
-
SHA1
e69dda5bfd6d115df13daa0ad34fc21e3719a42d
-
SHA256
1f598d7eec5d0c8a73747661edacc709be7c218003c6a5d050fb2a13aecdb8ea
-
SHA512
31f6704cdbad4e832ec171953e48ff83c14076860e10d994c90457ed467ab9f24dfa2df650374dc614742b1f30177a90f5266b3abf02c59e3a276aafb98c020d
-
SSDEEP
6144:fUM3dwqsNwemAB0EqxF6snji81RUinKchhyrSQ:ndQQJsm
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2