General
-
Target
01592e1dd2f283bc26fc08935a750fc8_JaffaCakes118
-
Size
88KB
-
Sample
240930-pshrpsvhmr
-
MD5
01592e1dd2f283bc26fc08935a750fc8
-
SHA1
a0712b802ce5899d9dac8558b674f3c2f01cffe8
-
SHA256
3f2f58700adba3abc7c1f30b41a8fd06164fe015d9d5cc793e17ce5ead8ce58b
-
SHA512
4ec06d8809dc11a1253a55370547f68a55533c737627885081e2a965ecae68e29e95ef8e563f944ee26cdfb348ccb6f42cf5e0fcfa4b0a42e2d3b7d18a2b5823
-
SSDEEP
1536:J+e0fSpy8tXG06YpqdXTsYJ/F+FBFIFGFYF7DUZxTZFua:eSs0G0mZYn
Malware Config
Targets
-
-
Target
01592e1dd2f283bc26fc08935a750fc8_JaffaCakes118
-
Size
88KB
-
MD5
01592e1dd2f283bc26fc08935a750fc8
-
SHA1
a0712b802ce5899d9dac8558b674f3c2f01cffe8
-
SHA256
3f2f58700adba3abc7c1f30b41a8fd06164fe015d9d5cc793e17ce5ead8ce58b
-
SHA512
4ec06d8809dc11a1253a55370547f68a55533c737627885081e2a965ecae68e29e95ef8e563f944ee26cdfb348ccb6f42cf5e0fcfa4b0a42e2d3b7d18a2b5823
-
SSDEEP
1536:J+e0fSpy8tXG06YpqdXTsYJ/F+FBFIFGFYF7DUZxTZFua:eSs0G0mZYn
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2