General
-
Target
eebb8317cee8b90473fc2e09fc8c2215_JaffaCakes118
-
Size
256KB
-
Sample
240921-asw7rswfka
-
MD5
eebb8317cee8b90473fc2e09fc8c2215
-
SHA1
8d75b09c70159bf5eabfd93b6d39c2062c173c1e
-
SHA256
5005bb5c2ff76a69b4b5cb5da8ec5bf4ed600c7cb87be8567984f7fcb5aabf36
-
SHA512
0085fa66ab4d2ec9ca52310a1802045b165560e4ec6941ca3064585257a4f67729ab8c35696ae14db6b95dc84e589b23485e41a290e70177568921ea2f80cb90
-
SSDEEP
6144:qv75voNymi+7eeyz2P9NnnnFCpImnTZygoHlKnvmb7/D26UBnmbLBXBJ:qFvoNymi+7eOP9anTZygoHlKnvmb7/DT
Static task
static1
Behavioral task
behavioral1
Sample
eebb8317cee8b90473fc2e09fc8c2215_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eebb8317cee8b90473fc2e09fc8c2215_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eebb8317cee8b90473fc2e09fc8c2215_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2