General
-
Target
fe171ec6e450685dc3dbfeff07d4c5bb_JaffaCakes118
-
Size
204KB
-
Sample
240929-jr7rjsyala
-
MD5
fe171ec6e450685dc3dbfeff07d4c5bb
-
SHA1
5646aed2fb5fc340f8a707cfdbf67e3eea623816
-
SHA256
76c5edae3fc7730c6e9c86a24e170a93a0fefd32e40ab4bf13c0cfafad99e0f2
-
SHA512
fb32215a57a8467997d1b49e2c85cfb0ee7b8f0ab61bf4b55d722888a911c3f1f07478f76af28e25ccb126a8b407f64df53d483dfa902911d7d6bb72ac74ccdb
-
SSDEEP
3072:jmRW82E0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWoG:CAg4QxL7B9W0c1RCzR/fSmljG
Static task
static1
Behavioral task
behavioral1
Sample
fe171ec6e450685dc3dbfeff07d4c5bb_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fe171ec6e450685dc3dbfeff07d4c5bb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fe171ec6e450685dc3dbfeff07d4c5bb_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)