General
-
Target
02073662b87a4e336881b1b84995861a_JaffaCakes118
-
Size
176KB
-
Sample
240930-sqrtdaweme
-
MD5
02073662b87a4e336881b1b84995861a
-
SHA1
2a4ee12f5140243e38038c1c86184b10f7415354
-
SHA256
d33d1c943405574922a3a43b0a63fc402c825c485788bf516cfbc62aaa6eb43c
-
SHA512
88416bae7b68f2801cf1e7e11ad46adddaae2257440092f8b810087988637a01c13105bf7035e63611f946f6d1b67e130e7fe89267f36bf00b88c533ec347978
-
SSDEEP
3072:wfX7CdKZCsJB/pAYsmyCMuKnvmb7/D26ADS6eS6EjzXLG47JTmcoiBuAZdi:yrCkCsJB/pxKnvmb7/D26Ae6eS6wzXLW
Static task
static1
Behavioral task
behavioral1
Sample
02073662b87a4e336881b1b84995861a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02073662b87a4e336881b1b84995861a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
02073662b87a4e336881b1b84995861a_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2