General
-
Target
ee4713812225c5ec49d81b12e25e9b79_JaffaCakes118
-
Size
156KB
-
Sample
240920-x7mm7stfkn
-
MD5
ee4713812225c5ec49d81b12e25e9b79
-
SHA1
87dc60f6f5f1926925e0e2609b0349d95f78efcf
-
SHA256
9f7005acf068e6a1082ba37b233b45b3c1e2a014819afc07ec21bb3c4a7652d2
-
SHA512
244e54a4070896ed3ee70855504cf12cc18eec270dc60512da20fed73d1b430fb7dab1d7047bfce02f856a794951e6a6d7fc186d8ef55c56d1e5735464205b2a
-
SSDEEP
3072:8noxLFTOpMS7yJuu4TrVlpT3rZy93E3ipMdIyH+Y8DuALIXTRLE5j4oQJ5:/xDfJuu4l3rZy93UipMd9+Y8DuZedi
Static task
static1
Behavioral task
behavioral1
Sample
ee4713812225c5ec49d81b12e25e9b79_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee4713812225c5ec49d81b12e25e9b79_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ee4713812225c5ec49d81b12e25e9b79_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)