General
-
Target
ee0f3c7d69bdc0378ebb3538ab77f546_JaffaCakes118
-
Size
100KB
-
Sample
240920-vrftlsxend
-
MD5
ee0f3c7d69bdc0378ebb3538ab77f546
-
SHA1
41fed230e53d6d26e14cc251740552b3134c5e7a
-
SHA256
dedc422e61c0701efba36976d6ad70c46518e380e368fd931773f5618d5de521
-
SHA512
3d3826dce457cf49001781d58010b8f92198199c77ea0de4d358c9a917028ca32cbf6a00481076499c2a72bb2c31f81db1bafa836b37df927c6b2cb8ed703943
-
SSDEEP
1536:HQtGn82NTzwnZMGAc4ohrPXo+73Rez8b0SyuNIjnZq:HwnAurPX7CuCnY
Static task
static1
Behavioral task
behavioral1
Sample
ee0f3c7d69bdc0378ebb3538ab77f546_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee0f3c7d69bdc0378ebb3538ab77f546_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
Target
ee0f3c7d69bdc0378ebb3538ab77f546_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)