General
-
Target
ef2cf319c2c3847f90f3d6603d5f858b_JaffaCakes118
-
Size
96KB
-
Sample
240921-gjaqqsxeqh
-
MD5
ef2cf319c2c3847f90f3d6603d5f858b
-
SHA1
fa7abcb5fd80bd618adbd4022b2ac986eaef8cd6
-
SHA256
b5d6571df587e3a597e42a3091166ee7d821e0463bebd99dd35bb2cce357ec5f
-
SHA512
c391aa11679363c320b78bfe72676e04ef3aab1802100ddc45d7936c770bd1dfaa730a118131630588217f44aa8e3d4bdd0b928a32ed0f7c58f752243504b9c8
-
SSDEEP
1536:d5QBHhf6cO/hckGulSc16l6u+NMMl/KlYv1Tq5ThF/NIjnZL0:qahtlu8CFF/CnB0
Malware Config
Targets
-
-
Target
ef2cf319c2c3847f90f3d6603d5f858b_JaffaCakes118
-
Size
96KB
-
MD5
ef2cf319c2c3847f90f3d6603d5f858b
-
SHA1
fa7abcb5fd80bd618adbd4022b2ac986eaef8cd6
-
SHA256
b5d6571df587e3a597e42a3091166ee7d821e0463bebd99dd35bb2cce357ec5f
-
SHA512
c391aa11679363c320b78bfe72676e04ef3aab1802100ddc45d7936c770bd1dfaa730a118131630588217f44aa8e3d4bdd0b928a32ed0f7c58f752243504b9c8
-
SSDEEP
1536:d5QBHhf6cO/hckGulSc16l6u+NMMl/KlYv1Tq5ThF/NIjnZL0:qahtlu8CFF/CnB0
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2