General
-
Target
f6c350e0e2ad54879e039ac516e9d538_JaffaCakes118
-
Size
176KB
-
Sample
240925-yrq65ayamc
-
MD5
f6c350e0e2ad54879e039ac516e9d538
-
SHA1
629a96b49155cea532204b8a9d75ff270a3c1c79
-
SHA256
44f5f4a330ce0c70d946a61ab5a983b58eac267b399822398b2ce02743c58a57
-
SHA512
89f7081b2cd42ccac5b91fe415468664cfa0b556cab9a3245e31b1abacf28b9576a07077fc1ddb329e78f76c14ddbbdd9b2e876b46a2d5b9980584a942ac95ba
-
SSDEEP
3072:wf7O+p1zO+daiyK8+Yb6RJ6Ea6uKnvmb7/D26CEmIOJ1va0YOlR9vqgeleYCDk0m:Edp1d8iyK2b6RJXWKnvmb7/D26CEmIOc
Malware Config
Targets
-
-
Target
f6c350e0e2ad54879e039ac516e9d538_JaffaCakes118
-
Size
176KB
-
MD5
f6c350e0e2ad54879e039ac516e9d538
-
SHA1
629a96b49155cea532204b8a9d75ff270a3c1c79
-
SHA256
44f5f4a330ce0c70d946a61ab5a983b58eac267b399822398b2ce02743c58a57
-
SHA512
89f7081b2cd42ccac5b91fe415468664cfa0b556cab9a3245e31b1abacf28b9576a07077fc1ddb329e78f76c14ddbbdd9b2e876b46a2d5b9980584a942ac95ba
-
SSDEEP
3072:wf7O+p1zO+daiyK8+Yb6RJ6Ea6uKnvmb7/D26CEmIOJ1va0YOlR9vqgeleYCDk0m:Edp1d8iyK2b6RJXWKnvmb7/D26CEmIOc
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2