General
-
Target
ee3c35428e87fb8a11ab89f827cf026b_JaffaCakes118
-
Size
100KB
-
Sample
240920-xns1waserl
-
MD5
ee3c35428e87fb8a11ab89f827cf026b
-
SHA1
1eefe9b3db6c99cdf3f4a4bc5d49dc4ad87ddae7
-
SHA256
89ee507929d082167e5794efc961748ff2f88e049cd60058e1fa1a3fc49d2834
-
SHA512
fd20b8ffa38311ff06f1ad703ad290c5b6dc46efba91efb22c0fa8d1ba401d43fcd591d4dace5294fd3e042f46d11bed9b96bd41c3141b087b2cbbc4581b8406
-
SSDEEP
1536:nMp8iAuismywsbSWLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfONIjnZwT:8bSW/KLOM5FCnGT
Static task
static1
Behavioral task
behavioral1
Sample
ee3c35428e87fb8a11ab89f827cf026b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee3c35428e87fb8a11ab89f827cf026b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ee3c35428e87fb8a11ab89f827cf026b_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2