General
-
Target
fbec14e2f568f22f99a07644dd24da54_JaffaCakes118
-
Size
144KB
-
Sample
240928-kng76awhmq
-
MD5
fbec14e2f568f22f99a07644dd24da54
-
SHA1
fdfb8eac8e500ee54b324cb98f1fc4bf3d6ea190
-
SHA256
a635cfa11466cb3a796973e02d1b7d9c021b86f7f154ee67ed3332bae21f294c
-
SHA512
138c1da3d8bd1d2c852470340dca6f5f1ecddc9071d654c29d7c4a34036f115deb8044c708db1ce4f5370c5f96bc5812c2684e3b0d5fb8336a0a147d5d6cdbee
-
SSDEEP
3072:Xpn6CcWd5gVUL5mynf1lFCm8hlJvzMwgv21jWE5j4oQxc:XpnU21Cm8hlJvzMwgvkdu
Static task
static1
Behavioral task
behavioral1
Sample
fbec14e2f568f22f99a07644dd24da54_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fbec14e2f568f22f99a07644dd24da54_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
fbec14e2f568f22f99a07644dd24da54_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2