General
-
Target
ee600aec3c72adb061ea2ec2c30188f2_JaffaCakes118
-
Size
220KB
-
Sample
240920-zb1ajawhrk
-
MD5
ee600aec3c72adb061ea2ec2c30188f2
-
SHA1
891427baaa78b914589c35e3c2abdf60e20e00c0
-
SHA256
743227b77a0473add92caffc3a3ed7dc94f3a24ed322b9a1d34c23bed7807e6b
-
SHA512
9209c3b29c3415a38d4e8fd236708ff46de6c65f4b1f32404c274416a992c18d5b88323a77eb72d257cc1a0faf2eed69063ed33c5dc2852a95c85b1dd3afa9cc
-
SSDEEP
6144:oXyGJkoETYHg5mMR8dogDtFzTf2rEfeeScKpBagLVwkM8g3Ip4zuMY0ju9pgpGw:y6dTYH+NK2+zHeYGlJpBaMfM8g3Nu9pR
Static task
static1
Behavioral task
behavioral1
Sample
ee600aec3c72adb061ea2ec2c30188f2_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
ee600aec3c72adb061ea2ec2c30188f2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ee600aec3c72adb061ea2ec2c30188f2_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2