General
-
Target
ef2cc6d7a0bae78d51e277486e1dc524_JaffaCakes118
-
Size
92KB
-
Sample
240921-ghw8caxepd
-
MD5
ef2cc6d7a0bae78d51e277486e1dc524
-
SHA1
162f8427325a2413c603d410f8a9f00dfad5541f
-
SHA256
c2dec5e53ca3599ad851e7851a45403cf4d2317940c68cc6a3828c8ff86ab2ac
-
SHA512
f449b31cec2b81d9f263a762cefe89e2a037fae35d2a2e0d4647d95dc567859d939c4f3a5505bbca644e478368c8b51a3bd905afe303b576bc585fee72aadac8
-
SSDEEP
1536:bWEnXqgBYd6iTGuR6n2nlba/yToFmLrac1cWcZc+c5cNsZqbgDPkt:6YqKYdFd8gHqMDPO
Malware Config
Targets
-
-
Target
ef2cc6d7a0bae78d51e277486e1dc524_JaffaCakes118
-
Size
92KB
-
MD5
ef2cc6d7a0bae78d51e277486e1dc524
-
SHA1
162f8427325a2413c603d410f8a9f00dfad5541f
-
SHA256
c2dec5e53ca3599ad851e7851a45403cf4d2317940c68cc6a3828c8ff86ab2ac
-
SHA512
f449b31cec2b81d9f263a762cefe89e2a037fae35d2a2e0d4647d95dc567859d939c4f3a5505bbca644e478368c8b51a3bd905afe303b576bc585fee72aadac8
-
SSDEEP
1536:bWEnXqgBYd6iTGuR6n2nlba/yToFmLrac1cWcZc+c5cNsZqbgDPkt:6YqKYdFd8gHqMDPO
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2