General
-
Target
eece878f87a68ffe933b692dcb180514_JaffaCakes118
-
Size
172KB
-
Sample
240921-bskz6sydnd
-
MD5
eece878f87a68ffe933b692dcb180514
-
SHA1
b1df176f4698c6df33fe8385b747999fbc103310
-
SHA256
770583edab04e23ba8a99010580f280eccc340f5087302fb4ca0e8c257a340ce
-
SHA512
62f539c95ac745645809310621d28be2db02d5e684ccaacb3fd617b086ea6802d7d36e7772534cfed59ac5d57f7f97f9d082288677beee94bcc9f89f25ba8211
-
SSDEEP
3072:HV39eB8R8oSx/mOEAFIFR7N3ims2+9AhLOG7GQiCLMt8Xq/WL8mge/:Hd9hR8oSx/mOEAFIFR7NHl++hLOG7GQD
Static task
static1
Behavioral task
behavioral1
Sample
eece878f87a68ffe933b692dcb180514_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eece878f87a68ffe933b692dcb180514_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eece878f87a68ffe933b692dcb180514_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)