General
-
Target
ee59735d0b5a73d51cdce9abe2274594_JaffaCakes118
-
Size
332KB
-
Sample
240920-y1372swbkh
-
MD5
ee59735d0b5a73d51cdce9abe2274594
-
SHA1
9120871846b8b2aeb3f912253206d92b3f125d14
-
SHA256
a0498b41c74a4fa8e6d05f3bde895ecb107873c3a975080d7fa55885e8e16011
-
SHA512
8af2382d7ebbb7258c3de9e4a6bff040ddaebc79afb3615fc9c4709f83dbccace53e851856c7cdb0edcf5c09008be881533bd89e3678999caa9fa2ebbc0e424a
-
SSDEEP
6144:TTepYGCleWHLNAnJHms8aBDR12SgqDxYWc:TadNnFV12VqDq
Static task
static1
Behavioral task
behavioral1
Sample
ee59735d0b5a73d51cdce9abe2274594_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ee59735d0b5a73d51cdce9abe2274594_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ee59735d0b5a73d51cdce9abe2274594_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2