General
-
Target
031f51b91758869f377d03556b091f09_JaffaCakes118
-
Size
104KB
-
Sample
240930-y4xjnstdjm
-
MD5
031f51b91758869f377d03556b091f09
-
SHA1
0eead65ce41080ede11c8966d31bb51583b81682
-
SHA256
b943043442021a70442b22892447f8216543b943dc5cc6e98047e93e936a8538
-
SHA512
dc8c4a1ed94350559c337aae28b2cc148199da3cfbd49ed4b19f1addbbb7293a78bdd8f1b0ea6463b3db23836760a7c558618dd55f4d7777186ba17b3d274b89
-
SSDEEP
1536:/Y53fEnoGEZScK43sKeWjwJBAOs9G2HaQNsM03i6EY5:Q53fEZEkIsK0IHxN/E5
Malware Config
Targets
-
-
Target
031f51b91758869f377d03556b091f09_JaffaCakes118
-
Size
104KB
-
MD5
031f51b91758869f377d03556b091f09
-
SHA1
0eead65ce41080ede11c8966d31bb51583b81682
-
SHA256
b943043442021a70442b22892447f8216543b943dc5cc6e98047e93e936a8538
-
SHA512
dc8c4a1ed94350559c337aae28b2cc148199da3cfbd49ed4b19f1addbbb7293a78bdd8f1b0ea6463b3db23836760a7c558618dd55f4d7777186ba17b3d274b89
-
SSDEEP
1536:/Y53fEnoGEZScK43sKeWjwJBAOs9G2HaQNsM03i6EY5:Q53fEZEkIsK0IHxN/E5
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2