General
-
Target
00ec426a2c7dd133dd4fc6a9718e7674_JaffaCakes118
-
Size
80KB
-
Sample
240930-mvcx5a1bnk
-
MD5
00ec426a2c7dd133dd4fc6a9718e7674
-
SHA1
a7447eab9b122caac8e9ed32318d9a775d891233
-
SHA256
eca8b01e7381ec7a4df597939ef86bd3e3a90fe598414efd0a51f25401fa52df
-
SHA512
fea15c1ce5ea9942dbeca7896833e3fa12a4721418089262f55bfeabf97210dc85c2940efda59851b72c24a90fefdf0eb2fe5f4b7248f85e6e1e6c43d9c096b9
-
SSDEEP
1536:ddwzKhj4i7GNetv6lTwDkJY7vSwGV4VE:LTGlTwDkJEqwG
Malware Config
Targets
-
-
Target
00ec426a2c7dd133dd4fc6a9718e7674_JaffaCakes118
-
Size
80KB
-
MD5
00ec426a2c7dd133dd4fc6a9718e7674
-
SHA1
a7447eab9b122caac8e9ed32318d9a775d891233
-
SHA256
eca8b01e7381ec7a4df597939ef86bd3e3a90fe598414efd0a51f25401fa52df
-
SHA512
fea15c1ce5ea9942dbeca7896833e3fa12a4721418089262f55bfeabf97210dc85c2940efda59851b72c24a90fefdf0eb2fe5f4b7248f85e6e1e6c43d9c096b9
-
SSDEEP
1536:ddwzKhj4i7GNetv6lTwDkJY7vSwGV4VE:LTGlTwDkJEqwG
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2