General
-
Target
ee5126a9815b9f7f8dca4c67afea77bf_JaffaCakes118
-
Size
232KB
-
Sample
240920-ymwwtavdmh
-
MD5
ee5126a9815b9f7f8dca4c67afea77bf
-
SHA1
7951abc1c59ef46f8722ac0b942394f13f5406fe
-
SHA256
77defdbfbbc8a29dfeb1b852188842d140e19636e0732a94ede5adf4a79e528e
-
SHA512
70b4152ba8ba242410de13769ef526fbb75c2febf6732c36606ae8251aec37a3acdb0497948825b8947c53a422c8eb98dfcf6cdddc318071652e152935b3c149
-
SSDEEP
6144:k3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxkurF:ePhJuBXVbkxJZ
Malware Config
Targets
-
-
Target
ee5126a9815b9f7f8dca4c67afea77bf_JaffaCakes118
-
Size
232KB
-
MD5
ee5126a9815b9f7f8dca4c67afea77bf
-
SHA1
7951abc1c59ef46f8722ac0b942394f13f5406fe
-
SHA256
77defdbfbbc8a29dfeb1b852188842d140e19636e0732a94ede5adf4a79e528e
-
SHA512
70b4152ba8ba242410de13769ef526fbb75c2febf6732c36606ae8251aec37a3acdb0497948825b8947c53a422c8eb98dfcf6cdddc318071652e152935b3c149
-
SSDEEP
6144:k3PFKs7diixRSFBfWEqxF6snji81RUinK51jbkxkurF:ePhJuBXVbkxJZ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2