General
-
Target
ee12a7c972dcaf4c122a5342ffb4bab8_JaffaCakes118
-
Size
228KB
-
Sample
240920-vv9k4aybpl
-
MD5
ee12a7c972dcaf4c122a5342ffb4bab8
-
SHA1
54f72fc8e648f1323de965d656b387bd33d6c053
-
SHA256
706fd9ce9023be86d7e8b983a72e29d81924918489cb5f1de45a4ab64f9b0dcd
-
SHA512
4740a1339bdf1da4b27b52a19ffff99e4f49b4215f5f96696efe5ee5301314661e2621db16878c281fe14f927087977dbfcf7e7b8bccd0ff94e477bff044d3be
-
SSDEEP
3072:vmkiAEyOTPI/YXYqqd8MoNrozX+h2RAGCD6fbPvQP:vmC3/qqdGrhAey7vQ
Malware Config
Targets
-
-
Target
ee12a7c972dcaf4c122a5342ffb4bab8_JaffaCakes118
-
Size
228KB
-
MD5
ee12a7c972dcaf4c122a5342ffb4bab8
-
SHA1
54f72fc8e648f1323de965d656b387bd33d6c053
-
SHA256
706fd9ce9023be86d7e8b983a72e29d81924918489cb5f1de45a4ab64f9b0dcd
-
SHA512
4740a1339bdf1da4b27b52a19ffff99e4f49b4215f5f96696efe5ee5301314661e2621db16878c281fe14f927087977dbfcf7e7b8bccd0ff94e477bff044d3be
-
SSDEEP
3072:vmkiAEyOTPI/YXYqqd8MoNrozX+h2RAGCD6fbPvQP:vmC3/qqdGrhAey7vQ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2