General
-
Target
fabc732f70791bb8bdec63a426d99bcc_JaffaCakes118
-
Size
224KB
-
Sample
240927-tt4ssa1cpj
-
MD5
fabc732f70791bb8bdec63a426d99bcc
-
SHA1
1a8ad9539105ed2148038c0881fcfceda4d2b68f
-
SHA256
44de5d88abfbaa715a9780c92a6d2cce6d47ad224fba4fadcfe531ab364e3003
-
SHA512
247aeaadaa91455874d5496740c81e61fa28c670849b717c5b7765b3d953d84b90dc25dfd7d433a36e6154ecf40626187a294718933d3f32bcfd93b9c11d1964
-
SSDEEP
6144:Rm7Iqr3iNvcMI55xjg4+tU1pZ5UdxIOTQMyHct1FHRQoY:g7IQMULfjg4+tU1pZ5UdxIOTQMyHS1Fs
Static task
static1
Behavioral task
behavioral1
Sample
fabc732f70791bb8bdec63a426d99bcc_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fabc732f70791bb8bdec63a426d99bcc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)