General
-
Target
f56cc995afe9c7419548c1e59af2d61a_JaffaCakes118
-
Size
204KB
-
Sample
240925-hh6x8atemb
-
MD5
f56cc995afe9c7419548c1e59af2d61a
-
SHA1
90a17466cce02f5c663e5fb0ff6ac2aefe8e651b
-
SHA256
2ad90a68b7437f556518e1f8b0ab699ce0470b339de88a29d1800f2354d680b1
-
SHA512
38d1e74fdb9ac77df3f31e8c4ead13155ece3c5538d6acbbbdc863ecc4372229f5f832d725ec5ab334048a9dd19166a4c0c3f54b210c3cd21b3f5b02389803e4
-
SSDEEP
3072:4dYgqj2r0yqjdQGn5V8XyusBAFMih89dQwLhBchyp:Ci9jdQGn/qyrAFjynLchE
Malware Config
Targets
-
-
Target
f56cc995afe9c7419548c1e59af2d61a_JaffaCakes118
-
Size
204KB
-
MD5
f56cc995afe9c7419548c1e59af2d61a
-
SHA1
90a17466cce02f5c663e5fb0ff6ac2aefe8e651b
-
SHA256
2ad90a68b7437f556518e1f8b0ab699ce0470b339de88a29d1800f2354d680b1
-
SHA512
38d1e74fdb9ac77df3f31e8c4ead13155ece3c5538d6acbbbdc863ecc4372229f5f832d725ec5ab334048a9dd19166a4c0c3f54b210c3cd21b3f5b02389803e4
-
SSDEEP
3072:4dYgqj2r0yqjdQGn5V8XyusBAFMih89dQwLhBchyp:Ci9jdQGn/qyrAFjynLchE
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2