General
Target: ef2714df34e4365a18eaa0a2d45b4a3f_JaffaCakes118
Size: 128KB
Sample: 240921-f79z3axbmb
MD5: ef2714df34e4365a18eaa0a2d45b4a3f
SHA1: 1af86bdcbb772977a60af1fcb14d41b1f63db122
SHA256: 0f292c56696cdc82a27e3dd5c50fd7b62a9811e29009f40e4f86de23823b17c2
SHA512: acc6dfccd78edde5014c9d561448bbccb1c639ba7f8de8397d75a48593e001f3fbad33c6f7757c0e043cb599caf904e0010c24163f287c759d60765783309744
SSDEEP: 1536:XeksiLuhgIuFQFvHwd6PXOYb7gXWgWKsEH0NeG0h/x:OksiYg/FQByYb7gvsEDp
Static task: static1
Behavioral task: behavioral1
Sample: ef2714df34e4365a18eaa0a2d45b4a3f_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ef2714df34e4365a18eaa0a2d45b4a3f_JaffaCakes118.exe
Resource: win10v2004-20240910-en
Malware Config
Targets
Target: ef2714df34e4365a18eaa0a2d45b4a3f_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2