General
Target: f644ebe83a76214c28e008f7dfc28dae_JaffaCakes118
Size: 136KB
Sample: 240925-seaeysvepf
MD5: f644ebe83a76214c28e008f7dfc28dae
SHA1: c621d0877db016eae1d4a7612d3fe00999c28182
SHA256: 7815cfef268fe2b992f875411d6d07eeb562293b292deeea64e0e14021e99ce1
SHA512: 9f2bfcfac93cc180387cddde8a0ec197e9edbaaf83afd0eac18e9119f6a26800cc53882f7035d833fb15b3f87d23f1e8138a677d11336697510fe5ba027009ce
SSDEEP: 3072:mn9l1j+XEHA6FStNCpkWdHOYws7HzbcnpLbIkuRwc+xhiEl+2YC4bMkYIiqbqE:mn9l1MENeNCpkWdHOYws7HzbcnpLbIkL
Static task: static1
Behavioral task: behavioral1
Sample: f644ebe83a76214c28e008f7dfc28dae_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f644ebe83a76214c28e008f7dfc28dae_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f644ebe83a76214c28e008f7dfc28dae_JaffaCakes118
Score: 10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2