General
-
Target
fc0944e817e5ee1515f81fd00a899486_JaffaCakes118
-
Size
124KB
-
Sample
240928-lty9asyhmr
-
MD5
fc0944e817e5ee1515f81fd00a899486
-
SHA1
376599d0ff17c72581606474ee6901a9aa2fc526
-
SHA256
84b02d85384f135adc0894bc1272238b971a0a7a01f9f43dfbf9bb0e9b3b3eb6
-
SHA512
3127a601c46a285507e1e7ba75d49a57af891d42b5bf56d3b9a825459545a61eefd5673f0fb84b2bdb229c16e1df328fe5b91506bebb4130edc47f38c313f718
-
SSDEEP
3072:U20sCbZSukOY8hrJFVcM/N/5sfqDfwqm4nYm:30sork6hrJ3cON/5sGq4p
Malware Config
Targets
-
-
Target
fc0944e817e5ee1515f81fd00a899486_JaffaCakes118
-
Size
124KB
-
MD5
fc0944e817e5ee1515f81fd00a899486
-
SHA1
376599d0ff17c72581606474ee6901a9aa2fc526
-
SHA256
84b02d85384f135adc0894bc1272238b971a0a7a01f9f43dfbf9bb0e9b3b3eb6
-
SHA512
3127a601c46a285507e1e7ba75d49a57af891d42b5bf56d3b9a825459545a61eefd5673f0fb84b2bdb229c16e1df328fe5b91506bebb4130edc47f38c313f718
-
SSDEEP
3072:U20sCbZSukOY8hrJFVcM/N/5sfqDfwqm4nYm:30sork6hrJ3cON/5sGq4p
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2