General
-
Target
f9edeaf04def313919dc2a6e8bfb43f1_JaffaCakes118
-
Size
252KB
-
Sample
240927-hk9rwstakg
-
MD5
f9edeaf04def313919dc2a6e8bfb43f1
-
SHA1
d080fb5fdb3cbc888df0bc6227fec7cae4d1c680
-
SHA256
3eb908a0a91826172e64e2bad7c3926d4f891395ca20172e6f0884759a3cbdeb
-
SHA512
dd06d4ee66cfbb0c09e9f7947d04b7a9de76b49693a1adcf270f7d5f91c87027f99a5c9b552de28e8340419c37960c5bb955d7a28e9595ed2a27326013b3a8ec
-
SSDEEP
6144:miUxi2d1wlx34Z4mwD5eQpYgYV29G6McRgcVXOa/0udzUZZQMQCQQyA8lohYewT/:Eic4eQpYgWMGYlViQQyBlohHwTE+70/m
Static task
static1
Behavioral task
behavioral1
Sample
f9edeaf04def313919dc2a6e8bfb43f1_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f9edeaf04def313919dc2a6e8bfb43f1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f9edeaf04def313919dc2a6e8bfb43f1_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2