General
Target: fb7cfb190c7d03c4ae23c230d8598381_JaffaCakes118
Size: 260KB
Sample: 240928-ew3aeawgqn
MD5: fb7cfb190c7d03c4ae23c230d8598381
SHA1: a19daaa619e6ba3b7402580dafb0c7eb7c831bbb
SHA256: 5a9e7dfa8a27861063e09c0e2c7f2dbf0ae958da9cf0daafe7303fe097f6ecf0
SHA512: cd67d3bc9e62a32ea49d4395fd1b031f4c641c0697b01b7dde0a4f6cd3b9d7a9d0ff726de7b3a2ce71921a089458d4ea5f7d61eff7ef32df4c1b28c799256014
SSDEEP: 6144:x4HXUUp7WQn6mr1R4bKLnXejKloO6JU1J7QnpRZ7Ta9kzU2/pn:xkDp6Qn6mr1R4bKLnXaKaO6O1JApvH
Static task: static1
Behavioral task: behavioral1
  Sample: fb7cfb190c7d03c4ae23c230d8598381_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: fb7cfb190c7d03c4ae23c230d8598381_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: fb7cfb190c7d03c4ae23c230d8598381_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
  Hidden Files and Directories (1)
  Modify Registry (2)