General
-
Target
ef0c1c7e4b325f057e7cfc55462341db_JaffaCakes118
-
Size
132KB
-
Sample
240921-et2absvbkg
-
MD5
ef0c1c7e4b325f057e7cfc55462341db
-
SHA1
5ea6aa308305ee7b5d16592137a87eb3fd69d15e
-
SHA256
12e0df9e8a2bab92e09f9e008ebf790967238cb9dc803a493f996844e3d5b8e7
-
SHA512
3a110732b0993ede8ced54d7530a6a214071f4a15fa8f83f277778756d4433a97863752f1728d80b531d2c5dca03a0ec6ea060b9964d932346b1c82128c1ce29
-
SSDEEP
3072:V0RPXEcBrPf9HU9Oki6DX37fAd9LE5j4oQB:VmPXEcBrPFHU9Ok7rfKOdy
Malware Config
Targets
-
-
Target
ef0c1c7e4b325f057e7cfc55462341db_JaffaCakes118
-
Size
132KB
-
MD5
ef0c1c7e4b325f057e7cfc55462341db
-
SHA1
5ea6aa308305ee7b5d16592137a87eb3fd69d15e
-
SHA256
12e0df9e8a2bab92e09f9e008ebf790967238cb9dc803a493f996844e3d5b8e7
-
SHA512
3a110732b0993ede8ced54d7530a6a214071f4a15fa8f83f277778756d4433a97863752f1728d80b531d2c5dca03a0ec6ea060b9964d932346b1c82128c1ce29
-
SSDEEP
3072:V0RPXEcBrPf9HU9Oki6DX37fAd9LE5j4oQB:VmPXEcBrPFHU9Ok7rfKOdy
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2