General
-
Target
f5385b079c41e4ab5000ae891f5080a6_JaffaCakes118
-
Size
100KB
-
Sample
240925-fe5jwaygjh
-
MD5
f5385b079c41e4ab5000ae891f5080a6
-
SHA1
60b5a1d5f84b96c11040ee12944f6ad131ba40e7
-
SHA256
75f8dd63e8fbbf37afcbc9c73afb506631103f0fa3c5b7850dc6370d70b50e95
-
SHA512
067ba642649f9b64091b993824a04cd67d8398dc4602996b0f947c7dea80df24a28c00eabea6baa0a7b3810444fb7bac585890f75296ea07d8d7b53be0fc9d02
-
SSDEEP
1536:a4t0QU82NTdwuLGZcYADZPU1+73BD88b0ny5NIjni:rWw5gZPUQJ5Cni
Malware Config
Targets
-
-
Target
f5385b079c41e4ab5000ae891f5080a6_JaffaCakes118
-
Size
100KB
-
MD5
f5385b079c41e4ab5000ae891f5080a6
-
SHA1
60b5a1d5f84b96c11040ee12944f6ad131ba40e7
-
SHA256
75f8dd63e8fbbf37afcbc9c73afb506631103f0fa3c5b7850dc6370d70b50e95
-
SHA512
067ba642649f9b64091b993824a04cd67d8398dc4602996b0f947c7dea80df24a28c00eabea6baa0a7b3810444fb7bac585890f75296ea07d8d7b53be0fc9d02
-
SSDEEP
1536:a4t0QU82NTdwuLGZcYADZPU1+73BD88b0ny5NIjni:rWw5gZPUQJ5Cni
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2