General
-
Target
eeb74d6ef7966bd3591d913e72793689_JaffaCakes118
-
Size
212KB
-
Sample
240921-alswrswenp
-
MD5
eeb74d6ef7966bd3591d913e72793689
-
SHA1
ed20dd3041529960ecd345f4a3906b3714a62904
-
SHA256
2e03116380cbf7448f72a1e1dd3bffc113f6593e8a3dcaad94a78c132088aac0
-
SHA512
0e51012c2fd97def92e2c5e9c3d4703a60552e8c79f66b065ac9eab06cea773963d732a7850a0f6467a34762a056d78cdaaca4b0cb071d5eba0f056956e4951c
-
SSDEEP
6144:up4V2IrqJQNbufrI4ukDnx/8vtvwzsmMAEu3Wev5kBirl87VFt6En9x7Xf7oufa2:up4DmGbMrI4ukDnx/8vtvwzsmMAEGHvC
Static task
static1
Behavioral task
behavioral1
Sample
eeb74d6ef7966bd3591d913e72793689_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eeb74d6ef7966bd3591d913e72793689_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
eeb74d6ef7966bd3591d913e72793689_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)