General
-
Target
02923a8a1b39af4cf67f9331ce1851f7_JaffaCakes118
-
Size
60KB
-
Sample
240930-wfwalaxhkj
-
MD5
02923a8a1b39af4cf67f9331ce1851f7
-
SHA1
2b0ec3e5d03cd92ad86b83219287073e34cdd41a
-
SHA256
de7e3bb242d406b0622d6541b84b0e0dc7bd862b45c51090b48f0836de8e8012
-
SHA512
fe60a8d1e2063efcf2bb899f1921cc22aa07696c1bede5b2c8359f0b303280c2c3714eb1462c5545daab55c2f06087d5d05006b1231714ffe388037fb8e7b013
-
SSDEEP
768:MXnx1BAPAa+Sr4j2D2n/z/D0lbdfs3OfKDHGqHg6WBs:MXjVaFm2a/Dxg6WBs
Static task
static1
Behavioral task
behavioral1
Sample
02923a8a1b39af4cf67f9331ce1851f7_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02923a8a1b39af4cf67f9331ce1851f7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)