General
-
Target
fb1b88c978977bda45caf3e80592531a_JaffaCakes118
-
Size
395KB
-
Sample
240927-3lkjlsvhnq
-
MD5
fb1b88c978977bda45caf3e80592531a
-
SHA1
7e0557c1e0c96dfc5891668126fd3308a7f5196a
-
SHA256
ebc2ae293f14b171ad512ec86d27bd9bb6b30e437a976929ac18d87ab3a24d9b
-
SHA512
f2486ca7885a46c818420581c495fb111546a0be912df17f486054d8a90fee5cd434e48de13260f6d6751e6ccf00618e3a32253d790188073c28fe19895c7d35
-
SSDEEP
6144:uw1WErKMveKPoHilIk1XRghbzkK5U+eKHXFzJMk6FkqVlspwgRLmVLkT2YweFhv8:uErK/Hk/ufkK5UcHVzIxI+4yhgddhXsF
Malware Config
Targets
-
-
Target
fb1b88c978977bda45caf3e80592531a_JaffaCakes118
-
Size
395KB
-
MD5
fb1b88c978977bda45caf3e80592531a
-
SHA1
7e0557c1e0c96dfc5891668126fd3308a7f5196a
-
SHA256
ebc2ae293f14b171ad512ec86d27bd9bb6b30e437a976929ac18d87ab3a24d9b
-
SHA512
f2486ca7885a46c818420581c495fb111546a0be912df17f486054d8a90fee5cd434e48de13260f6d6751e6ccf00618e3a32253d790188073c28fe19895c7d35
-
SSDEEP
6144:uw1WErKMveKPoHilIk1XRghbzkK5U+eKHXFzJMk6FkqVlspwgRLmVLkT2YweFhv8:uErK/Hk/ufkK5UcHVzIxI+4yhgddhXsF
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1