General
-
Target
ee12d659649c4bd7c35a6d69f8ad5cd1_JaffaCakes118
-
Size
268KB
-
Sample
240920-vwk9wsxgpe
-
MD5
ee12d659649c4bd7c35a6d69f8ad5cd1
-
SHA1
73cdfeca2d9f6e3a45f5041aeb9dc248568d11ae
-
SHA256
d88169fa8c19917f40bc7f67be4a949870f8801421114ebf903899cc4b00a3d8
-
SHA512
eba6ea2a18c2c4bf8a31a4a1e3747126a4322f8e4b652f7b0a5e3871a05dbbd66558823d05166f46dc290ce49142464a2d8f962dbc249bd88775fad93f5406fa
-
SSDEEP
6144:vUKY+6RfWDxVwMQZAuh0LvGJazhmN/BRuvrOG5Qp5X1gVrgh4PD4xh:vUKY+6RfWDxVwMQbpRi6er04PD4x
Malware Config
Targets
-
-
Target
ee12d659649c4bd7c35a6d69f8ad5cd1_JaffaCakes118
-
Size
268KB
-
MD5
ee12d659649c4bd7c35a6d69f8ad5cd1
-
SHA1
73cdfeca2d9f6e3a45f5041aeb9dc248568d11ae
-
SHA256
d88169fa8c19917f40bc7f67be4a949870f8801421114ebf903899cc4b00a3d8
-
SHA512
eba6ea2a18c2c4bf8a31a4a1e3747126a4322f8e4b652f7b0a5e3871a05dbbd66558823d05166f46dc290ce49142464a2d8f962dbc249bd88775fad93f5406fa
-
SSDEEP
6144:vUKY+6RfWDxVwMQZAuh0LvGJazhmN/BRuvrOG5Qp5X1gVrgh4PD4xh:vUKY+6RfWDxVwMQbpRi6er04PD4x
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2