General
-
Target
fb70f5e7b30a9d48e67c1ec8759561b2_JaffaCakes118
-
Size
88KB
-
Sample
240928-ecaq2svgmn
-
MD5
fb70f5e7b30a9d48e67c1ec8759561b2
-
SHA1
2357710d4110e641a972049de0e5ebacb8fcea83
-
SHA256
3554cc872d4429d81b6db460028020c058171eca994cdcdc4e25ff3145f78bf1
-
SHA512
01a303c384d1ad744e3a4ba9dc960ca0d117c613888ac98470e52ee1cce75f5f03b1e7ff7dfb0903a3abde52a4519d5a1f369f973ad0a8e065eb5e8fe90ba2a2
-
SSDEEP
768:NDFIytuRaaq2AOa6TnwVDZ1RO8YSEQJt1H7a8jFk+Zxqfcwl7z:HIUO7YzDZ16SEQJjZx0cwl7z
Malware Config
Targets
-
-
Target
fb70f5e7b30a9d48e67c1ec8759561b2_JaffaCakes118
-
Size
88KB
-
MD5
fb70f5e7b30a9d48e67c1ec8759561b2
-
SHA1
2357710d4110e641a972049de0e5ebacb8fcea83
-
SHA256
3554cc872d4429d81b6db460028020c058171eca994cdcdc4e25ff3145f78bf1
-
SHA512
01a303c384d1ad744e3a4ba9dc960ca0d117c613888ac98470e52ee1cce75f5f03b1e7ff7dfb0903a3abde52a4519d5a1f369f973ad0a8e065eb5e8fe90ba2a2
-
SSDEEP
768:NDFIytuRaaq2AOa6TnwVDZ1RO8YSEQJt1H7a8jFk+Zxqfcwl7z:HIUO7YzDZ16SEQJjZx0cwl7z
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2