General
-
Target
fb02d03079ab977bfb05128766f199c9_JaffaCakes118
-
Size
156KB
-
Sample
240927-2bd4easfnq
-
MD5
fb02d03079ab977bfb05128766f199c9
-
SHA1
89ba6ca24918cdeeb1ead69ee36121787aef5b27
-
SHA256
2a674789e529369ba7a181580919382901655e6a8af19146983ad3e5f966ae54
-
SHA512
7e88d60243f43c93634180b2fbf018050ab418e75df641deadbe05bbe1c181d8d0c0d937a724b1a73346b0e944e4ef2de1c09db26a163707b94c6ea6ee8e7d95
-
SSDEEP
3072:bAiccTATe0pBI1xkaGU0vBpT8k/QvbawuxtUYqBd5hAmamQAMHfhRvuWxx0g4oQU:bGc4e0pBI1xkaH0vBpT8kltDr8L5DMHZ
Malware Config
Targets
-
-
Target
fb02d03079ab977bfb05128766f199c9_JaffaCakes118
-
Size
156KB
-
MD5
fb02d03079ab977bfb05128766f199c9
-
SHA1
89ba6ca24918cdeeb1ead69ee36121787aef5b27
-
SHA256
2a674789e529369ba7a181580919382901655e6a8af19146983ad3e5f966ae54
-
SHA512
7e88d60243f43c93634180b2fbf018050ab418e75df641deadbe05bbe1c181d8d0c0d937a724b1a73346b0e944e4ef2de1c09db26a163707b94c6ea6ee8e7d95
-
SSDEEP
3072:bAiccTATe0pBI1xkaGU0vBpT8k/QvbawuxtUYqBd5hAmamQAMHfhRvuWxx0g4oQU:bGc4e0pBI1xkaH0vBpT8kltDr8L5DMHZ
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2