General
-
Target
ee29925fdf0aa48ae35fdaf608e8f1fe_JaffaCakes118
-
Size
348KB
-
Sample
240920-wvk36szhnj
-
MD5
ee29925fdf0aa48ae35fdaf608e8f1fe
-
SHA1
be89a23b440dd9537ec8beba34e8b355c60e5e3d
-
SHA256
be3009d10563865f9232e535ce74cddf42304e1d25e2db2e5f0ddc8798e86980
-
SHA512
8ba86433cbed735115bf8d01c5b5aab49390cf9ab2cb92c3dcdb005e0bdc2f15eb4da571fb68e4683fc89116179e9f1c3318be66f3c44aa953d720ec0cd3fb4a
-
SSDEEP
3072:DCziYRV2BAOZ6D4UeGQnngwb4yPNcq2zR2BwAdASiVOoGM0zdWEdcGpaCau:O2xA/46In5b40NcD2vjoGOY
Static task
static1
Behavioral task
behavioral1
Sample
ee29925fdf0aa48ae35fdaf608e8f1fe_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee29925fdf0aa48ae35fdaf608e8f1fe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2