General
-
Target
f5bb20c7908cc75380453bb3cd5be4aa_JaffaCakes118
-
Size
152KB
-
Sample
240925-lqkazayckk
-
MD5
f5bb20c7908cc75380453bb3cd5be4aa
-
SHA1
35c9efa7552a0a25f6e73dee445e8070ae6798aa
-
SHA256
8fb9a26cbc448744c4f149aa38c837ecac8e5fdb6a1f7ca29b11168fcf0d9075
-
SHA512
15468dab620dde65c6ecf831ad82326bbeca9b5487958e72378540dfc0d9a029effbf1d82e7ebf8170ec7cbfe3ed616da5a9d045b22c612342f7c22057d48079
-
SSDEEP
3072:2MGePYYh0ZX+7DxNUbaxIcz93bOButK+Hog:y+7DxVh3bHYg
Malware Config
Targets
-
-
Target
f5bb20c7908cc75380453bb3cd5be4aa_JaffaCakes118
-
Size
152KB
-
MD5
f5bb20c7908cc75380453bb3cd5be4aa
-
SHA1
35c9efa7552a0a25f6e73dee445e8070ae6798aa
-
SHA256
8fb9a26cbc448744c4f149aa38c837ecac8e5fdb6a1f7ca29b11168fcf0d9075
-
SHA512
15468dab620dde65c6ecf831ad82326bbeca9b5487958e72378540dfc0d9a029effbf1d82e7ebf8170ec7cbfe3ed616da5a9d045b22c612342f7c22057d48079
-
SSDEEP
3072:2MGePYYh0ZX+7DxNUbaxIcz93bOButK+Hog:y+7DxVh3bHYg
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2