General
Target
007b97166b507c7d487b4bb90052339c_JaffaCakes118
Size
124KB
Sample
240930-kwfdja1ckh
MD5
007b97166b507c7d487b4bb90052339c
SHA1
9ba9bb9d5ee3e76373c35ef4ce3e4b25221d971f
SHA256
831222e82e2fd854d904001f32d989d5f78b71353e40b5f5aed55eb77a625a2b
SHA512
92d26e6811601e391c4062ab44145f40a814557816fe2689116002b409c78d575956eea25a8fbee7d7c7a87e7b20abebc7db5073b9c655066e08216bfef7341d
SSDEEP
1536:uVJQ/0ZzOt4JEk5KO98p+kzGDwTc6bdaR+aLbGctSFTJ9:8bVOtCYOGDz0wwydjGj419
Static task
static1
Behavioral task
behavioral1
Sample
007b97166b507c7d487b4bb90052339c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
007b97166b507c7d487b4bb90052339c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
007b97166b507c7d487b4bb90052339c_JaffaCakes118
Score
10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)