General
-
Target
fb0552be6e0d8669693a70e63fdcbbd1_JaffaCakes118
-
Size
152KB
-
Sample
240927-2fqyrsvgmh
-
MD5
fb0552be6e0d8669693a70e63fdcbbd1
-
SHA1
f9f820cb6440767ad025818265cb8a5fcbf6a787
-
SHA256
13931bf44a61ce53fec5b23a1aa1684fae00c89e6f3a49ecb5cee165f016e596
-
SHA512
2fd44db8d52d20fd8b8582830cae2ca2607123719c1d5fb0f5c09f32724d6bf7f47fe414a4ee8f5bf2a2206640baa1c536d2c5cb83ae82e4d64ed77d4fd2e6b6
-
SSDEEP
3072:eMGzPYYh0Zn+7DxNUbaxIcz93bOButK+u3:x+7DxVh3bH4
Static task
static1
Behavioral task
behavioral1
Sample
fb0552be6e0d8669693a70e63fdcbbd1_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fb0552be6e0d8669693a70e63fdcbbd1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
fb0552be6e0d8669693a70e63fdcbbd1_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)