General
-
Target
fe92f974e733eb3f4b56930170529188_JaffaCakes118
-
Size
208KB
-
Sample
240929-p5ycxsvfmp
-
MD5
fe92f974e733eb3f4b56930170529188
-
SHA1
0ef1cae49a0c95dbd8e3b9c89ddab24e6ec10f6f
-
SHA256
711a2c17cc15f1fdc4b7686d1ceda6d813c8f9e652cfe6d619f944c76d83488d
-
SHA512
c50a9f8cb329dbaeaeceeaf2b04d84ca3af8fe34b9936634fcd041ae31cc8f7aad2a765802035ec7f490f983fa24b46a24afed898f0ad2e063adc7dbbc991801
-
SSDEEP
3072:m66XRxMqTIzNOJ7UBs2V4b9fO9/uqXyW7MqjT39+CpnbctdoGtjzeqFWQ1E+1:m60RlMz+QGgJLCIjjjRnbcDRtHegG
Static task
static1
Behavioral task
behavioral1
Sample
fe92f974e733eb3f4b56930170529188_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fe92f974e733eb3f4b56930170529188_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
fe92f974e733eb3f4b56930170529188_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)