General
-
Target
fed5450ce9b7361c74aebb247304c1bc_JaffaCakes118
-
Size
240KB
-
Sample
240929-s4ee7szdqk
-
MD5
fed5450ce9b7361c74aebb247304c1bc
-
SHA1
a32075d9bff5c384b799f29120a4eba6c5d48fd9
-
SHA256
202021da353a86f6f6f2f3f157b88b8bb7e15205f63553e87968f4c9d1a452a5
-
SHA512
90c7f3092db37118a1f608e91dad5e6e37250aa3c3cd5164b7c9d36b10856be2d26858b8ab52e30ad62fe9288e56c21492c659f9eb577f4158ab74d5d8da67cb
-
SSDEEP
6144:BUy3dwqsNweTAB0EqxF6snji81RUinKchhtMSf:/dQ5JDLf
Malware Config
Targets
-
-
Target
fed5450ce9b7361c74aebb247304c1bc_JaffaCakes118
-
Size
240KB
-
MD5
fed5450ce9b7361c74aebb247304c1bc
-
SHA1
a32075d9bff5c384b799f29120a4eba6c5d48fd9
-
SHA256
202021da353a86f6f6f2f3f157b88b8bb7e15205f63553e87968f4c9d1a452a5
-
SHA512
90c7f3092db37118a1f608e91dad5e6e37250aa3c3cd5164b7c9d36b10856be2d26858b8ab52e30ad62fe9288e56c21492c659f9eb577f4158ab74d5d8da67cb
-
SSDEEP
6144:BUy3dwqsNweTAB0EqxF6snji81RUinKchhtMSf:/dQ5JDLf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2