General
-
Target
ee2ab2000ddbab8553074a019908c9b7_JaffaCakes118
-
Size
260KB
-
Sample
240920-ww8wma1akp
-
MD5
ee2ab2000ddbab8553074a019908c9b7
-
SHA1
235f2ac613c206a00e90dbd1c4a28b7132375256
-
SHA256
1705b6177056eba95d91e719fefed5fe46f8d97eb75eab3ed6fcfef786473887
-
SHA512
1d637f64989f509e96188f3e72a07f4a6c6dc4057d1270986436ec226c671f4537d8aefd7e989ae4ce4619de6a1a3c935b2060b7bb04c50f09a717dceac26b9f
-
SSDEEP
3072:FZrcD0HFg5/9Va0BK186RI4uJr/ImfEdcpGJsXS9b:jcD0HUGJmnGJ99
Malware Config
Targets
-
-
Target
ee2ab2000ddbab8553074a019908c9b7_JaffaCakes118
-
Size
260KB
-
MD5
ee2ab2000ddbab8553074a019908c9b7
-
SHA1
235f2ac613c206a00e90dbd1c4a28b7132375256
-
SHA256
1705b6177056eba95d91e719fefed5fe46f8d97eb75eab3ed6fcfef786473887
-
SHA512
1d637f64989f509e96188f3e72a07f4a6c6dc4057d1270986436ec226c671f4537d8aefd7e989ae4ce4619de6a1a3c935b2060b7bb04c50f09a717dceac26b9f
-
SSDEEP
3072:FZrcD0HFg5/9Va0BK186RI4uJr/ImfEdcpGJsXS9b:jcD0HUGJmnGJ99
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2