General
-
Target
00fdf14585932de1338c7c297bfb315a_JaffaCakes118
-
Size
192KB
-
Sample
240930-m622dswdmc
-
MD5
00fdf14585932de1338c7c297bfb315a
-
SHA1
0071bd2e3a7fb9fd91e1692d99e7b36f2f583a67
-
SHA256
dca479db0b038a4e411d9b4b13a722af69437c5b08391769a5a4a3d04b8d1529
-
SHA512
d8f3bc5d0d3ce40de985011ab9e0d2add8c09067b229cf41d05a7def30820a270a10e1c0a0872a9d7a6c035cdb78cb76b781c743da04e03557d3b449cb6ee35d
-
SSDEEP
1536:IScR2OaPPVaaaaat031AdQWB5kCFrWszRUOHFlQhzyLwVKftfVBiZHAPloFp5A2L:dOWPrW3kCFrWsF2eLbqx2VVFs89
Malware Config
Targets
-
-
Target
00fdf14585932de1338c7c297bfb315a_JaffaCakes118
-
Size
192KB
-
MD5
00fdf14585932de1338c7c297bfb315a
-
SHA1
0071bd2e3a7fb9fd91e1692d99e7b36f2f583a67
-
SHA256
dca479db0b038a4e411d9b4b13a722af69437c5b08391769a5a4a3d04b8d1529
-
SHA512
d8f3bc5d0d3ce40de985011ab9e0d2add8c09067b229cf41d05a7def30820a270a10e1c0a0872a9d7a6c035cdb78cb76b781c743da04e03557d3b449cb6ee35d
-
SSDEEP
1536:IScR2OaPPVaaaaat031AdQWB5kCFrWszRUOHFlQhzyLwVKftfVBiZHAPloFp5A2L:dOWPrW3kCFrWsF2eLbqx2VVFs89
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2