General
-
Target
ee592c6d1362800c2ef8191dca3d5d12_JaffaCakes118
-
Size
252KB
-
Sample
240920-y1rt1swbjg
-
MD5
ee592c6d1362800c2ef8191dca3d5d12
-
SHA1
646ef61c4bf94656158afb49accb5ba18f7f738d
-
SHA256
86c13effbfd401f6ccbea770858ef96763dd1358437ce297bdb6328ce97d9749
-
SHA512
fd623adbdcc3686aa97d3557f2f3386acfb0178f82ca23edda687ad7d2dc4d32c7535e68c3b113b02d6f0caafce66413ae7807850b70592ae282f01c0ccb4a0d
-
SSDEEP
6144:x+AQyrimEU/EztV++Jbtd4lfn8hFXbTom85FMnH:xNZrimr/EztV++JZd4lfnSTo7F
Malware Config
Targets
-
-
Target
ee592c6d1362800c2ef8191dca3d5d12_JaffaCakes118
-
Size
252KB
-
MD5
ee592c6d1362800c2ef8191dca3d5d12
-
SHA1
646ef61c4bf94656158afb49accb5ba18f7f738d
-
SHA256
86c13effbfd401f6ccbea770858ef96763dd1358437ce297bdb6328ce97d9749
-
SHA512
fd623adbdcc3686aa97d3557f2f3386acfb0178f82ca23edda687ad7d2dc4d32c7535e68c3b113b02d6f0caafce66413ae7807850b70592ae282f01c0ccb4a0d
-
SSDEEP
6144:x+AQyrimEU/EztV++Jbtd4lfn8hFXbTom85FMnH:xNZrimr/EztV++JZd4lfnSTo7F
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2