General
-
Target
eeb1c15c8f6a8346ec0b066504e5affa_JaffaCakes118
-
Size
312KB
-
Sample
240921-acbacsvhna
-
MD5
eeb1c15c8f6a8346ec0b066504e5affa
-
SHA1
ba323ab8a31d65708ebd5fe0a8a0722fcdf637b9
-
SHA256
d1bf57cc8b80028e50f795978537fe3f6201637ff664b8ef069e93af96d38aa3
-
SHA512
54b34526c42a6bb807a1ece41ccd8bca09b3f155286fd5c6b849d422b0435ac20f8cad0d3e0a8112cacf1d8b27b73a9febc98ab53523c55ec1c8d0ed034c8014
-
SSDEEP
6144:zwbc0f7XP+g3AGJpWVzugRHeEgRK/fObT/bGiJKv6R7MkZ4lUr8W9HuOGKqvsMMG:Uw27/XvLWpuWeEgRK/fObT/bGiJlMkZm
Malware Config
Targets
-
-
Target
eeb1c15c8f6a8346ec0b066504e5affa_JaffaCakes118
-
Size
312KB
-
MD5
eeb1c15c8f6a8346ec0b066504e5affa
-
SHA1
ba323ab8a31d65708ebd5fe0a8a0722fcdf637b9
-
SHA256
d1bf57cc8b80028e50f795978537fe3f6201637ff664b8ef069e93af96d38aa3
-
SHA512
54b34526c42a6bb807a1ece41ccd8bca09b3f155286fd5c6b849d422b0435ac20f8cad0d3e0a8112cacf1d8b27b73a9febc98ab53523c55ec1c8d0ed034c8014
-
SSDEEP
6144:zwbc0f7XP+g3AGJpWVzugRHeEgRK/fObT/bGiJKv6R7MkZ4lUr8W9HuOGKqvsMMG:Uw27/XvLWpuWeEgRK/fObT/bGiJlMkZm
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2