General
-
Target
ef0cddbf8c8c4909a592952af2e716be_JaffaCakes118
-
Size
144KB
-
Sample
240921-evy7csvbne
-
MD5
ef0cddbf8c8c4909a592952af2e716be
-
SHA1
1e6f2a187363f9ea277cf86666c0c1ec4296f26c
-
SHA256
12466773e9b08eae4a861094624ede0c675c0393a3db660c58d3bb5ee7a1bfda
-
SHA512
fb194f85ce022f5e1b038d0a442e9a1e72cde8533a3d042e1732339d3bb45729c8d7ece297a346c41d4f827cda18e4d34587b2f88673fa1eb6f308d7e3d02f6b
-
SSDEEP
3072:NDl1wKcEUqZhplZRC7/veXx8pUPkDRcrLNfiWsOFP:NhmlEUqzPZ8eXx8pUsDRcHNfiZOF
Static task
static1
Behavioral task
behavioral1
Sample
ef0cddbf8c8c4909a592952af2e716be_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef0cddbf8c8c4909a592952af2e716be_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ef0cddbf8c8c4909a592952af2e716be_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2