General
-
Target
eeefb966e0cede5ec5787ec47e9153d6_JaffaCakes118
-
Size
252KB
-
Sample
240921-dbg83a1grh
-
MD5
eeefb966e0cede5ec5787ec47e9153d6
-
SHA1
428a7fd15afec0d9804f9f6ed1936ae80a2ebf15
-
SHA256
c6c460c322ec846ba20c4ad632b002ed4526093c38040b67eca997caa9126f77
-
SHA512
3309687e6041b5112e36a30d088e8c208067b316ead23236411cda21e1dc7564e0def80721ca516cea62f66ebef554dfc88a4535d3bf1da3bcf0744bc137e0fe
-
SSDEEP
6144:wq7CGWUsbNZeoq6AvFPpWlyfeWgdx1XxcNoX+poNd8m3RZWuAzgG:wUWUsbbeoq6AFpWlyfeWgdx1Xxq4+po6
Malware Config
Targets
-
-
Target
eeefb966e0cede5ec5787ec47e9153d6_JaffaCakes118
-
Size
252KB
-
MD5
eeefb966e0cede5ec5787ec47e9153d6
-
SHA1
428a7fd15afec0d9804f9f6ed1936ae80a2ebf15
-
SHA256
c6c460c322ec846ba20c4ad632b002ed4526093c38040b67eca997caa9126f77
-
SHA512
3309687e6041b5112e36a30d088e8c208067b316ead23236411cda21e1dc7564e0def80721ca516cea62f66ebef554dfc88a4535d3bf1da3bcf0744bc137e0fe
-
SSDEEP
6144:wq7CGWUsbNZeoq6AvFPpWlyfeWgdx1XxcNoX+poNd8m3RZWuAzgG:wUWUsbbeoq6AFpWlyfeWgdx1Xxq4+po6
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2