General
-
Target
ee26475f1e083ac977315312d52f4173_JaffaCakes118
-
Size
112KB
-
Sample
240920-wqrp6azcrb
-
MD5
ee26475f1e083ac977315312d52f4173
-
SHA1
b0f1bc5bc76e382a902c5e21d36f757465a3eb9d
-
SHA256
381e5e5773feccefb805942fa6aa738b330ef71b7cac04b3802bf2f390d0d793
-
SHA512
d75a1a63bf7332bc124355e2e1a45d02cfdc4a77dcd5a7c256d6fc4d34fe05a5d9c4532cfd5e9cbf372fcff4bd3cdcb70355af54b03a9f7dd1c70f45dae060e4
-
SSDEEP
3072:nEn6jrF+X4g+RXujvcKPUJlZnPo1IpME831bIkI8SZIP90DU6MwsEyPgEwqgvvKT:jcu6EtlNV
Malware Config
Targets
-
-
Target
ee26475f1e083ac977315312d52f4173_JaffaCakes118
-
Size
112KB
-
MD5
ee26475f1e083ac977315312d52f4173
-
SHA1
b0f1bc5bc76e382a902c5e21d36f757465a3eb9d
-
SHA256
381e5e5773feccefb805942fa6aa738b330ef71b7cac04b3802bf2f390d0d793
-
SHA512
d75a1a63bf7332bc124355e2e1a45d02cfdc4a77dcd5a7c256d6fc4d34fe05a5d9c4532cfd5e9cbf372fcff4bd3cdcb70355af54b03a9f7dd1c70f45dae060e4
-
SSDEEP
3072:nEn6jrF+X4g+RXujvcKPUJlZnPo1IpME831bIkI8SZIP90DU6MwsEyPgEwqgvvKT:jcu6EtlNV
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2