General
Target
ef0dc61ac9198a7e9ed03ca94ee910a2_JaffaCakes118
Size
124KB
Sample
240921-ew9z9avcke
MD5
ef0dc61ac9198a7e9ed03ca94ee910a2
SHA1
0c830c59b1ebe237016677d4702279502cdccd63
SHA256
6fbdd8b3e7ec895cad9257a44a527010d279e430ef484b3da6b35817cc630e29
SHA512
3f24a7247498edcd7c6345fb1a1ecab62d1e1856521816319daa5fd5a08550f83693f2b3c7a66a4be678e2a5513488a0bd66e6849ca3b2e9fe434edc3e69f553
SSDEEP
1536:oXEG4wR85uBxLDtVdHa27J14lWxporZ45iJNeG0h9:SEG4wRIkLt6gJ1uPt45f9
Static task
static1
Behavioral task
behavioral1
Sample
ef0dc61ac9198a7e9ed03ca94ee910a2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef0dc61ac9198a7e9ed03ca94ee910a2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
ef0dc61ac9198a7e9ed03ca94ee910a2_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2