General
-
Target
eee8412cf0c8bdf5d5bad7eab078f807_JaffaCakes118
-
Size
268KB
-
Sample
240921-czyqaa1dnk
-
MD5
eee8412cf0c8bdf5d5bad7eab078f807
-
SHA1
7db80515e6c916131d5cb0463fd197c074a835e5
-
SHA256
88581595f58bf0ade5e570c417fdb68676d613d99fa4ce704f8a692579f5a4fb
-
SHA512
18a448dd1927ff46a85742b6d56438befe084be928d72b2b51ea8fa744246e91e3e366a0658bd92b992c1ee430860ac608838d92b959e194a52848fd28e98cc9
-
SSDEEP
3072:JTotPWsEErNzY/NJ7dgo+Lk/BeHpHtOk0Ot3BWF8J+eobOlpwKR:ZsjN0/NJ7X1eHfKsWFE+ecOlpp
Static task
static1
Behavioral task
behavioral1
Sample
eee8412cf0c8bdf5d5bad7eab078f807_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eee8412cf0c8bdf5d5bad7eab078f807_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eee8412cf0c8bdf5d5bad7eab078f807_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2