General
-
Target
fc7bba93f7120468e417cd7c202f994e_JaffaCakes118
-
Size
200KB
-
Sample
240928-rqrmyashjb
-
MD5
fc7bba93f7120468e417cd7c202f994e
-
SHA1
3b3aa45861219b8c97d7645aff705296b03e1a14
-
SHA256
18477b96336fe1e0b64312189d4d21170dca35277bb7f69339cd7f677ace0935
-
SHA512
bc9e82bb892a320ed567aad2819c12632bbc89bc17ac4a918fcb92aec8e4f6ea2743132fb85692b28429f8dc4150685a04c4f58cbea809b68ddaea169797a014
-
SSDEEP
3072:6COTo/0YxU+0tQ9nLHbB9WPliBs2HWWEakGJm9BE:6CX++4QxL7B9WPli+yWWEazP
Malware Config
Targets
-
-
Target
fc7bba93f7120468e417cd7c202f994e_JaffaCakes118
-
Size
200KB
-
MD5
fc7bba93f7120468e417cd7c202f994e
-
SHA1
3b3aa45861219b8c97d7645aff705296b03e1a14
-
SHA256
18477b96336fe1e0b64312189d4d21170dca35277bb7f69339cd7f677ace0935
-
SHA512
bc9e82bb892a320ed567aad2819c12632bbc89bc17ac4a918fcb92aec8e4f6ea2743132fb85692b28429f8dc4150685a04c4f58cbea809b68ddaea169797a014
-
SSDEEP
3072:6COTo/0YxU+0tQ9nLHbB9WPliBs2HWWEakGJm9BE:6CX++4QxL7B9WPli+yWWEazP
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2