General
-
Target
03201ac0208b7c4f4d167a1d8153a3fe_JaffaCakes118
-
Size
100KB
-
Sample
240930-y5r1ksxeqb
-
MD5
03201ac0208b7c4f4d167a1d8153a3fe
-
SHA1
c18e2813c907413f750ac3269107a28bb6d7a97c
-
SHA256
df604cb01fc9bbab7dbe82a18a53656f4f77839f592cc63037c051a11f18ca7a
-
SHA512
2da885f94be2b7c35f2530c2b119fc16dfa6d5e0a757d349fd8888c03e715bc15aea5727b24179823b4ef3bb4bcb1a470fa9d70a6ff3d20fe78953cb9488f1d7
-
SSDEEP
1536:o2tG782NTzwmMGAc4ohrPXo+73Rez8b0SywNIjni:owJurPX7CwCni
Static task
static1
Behavioral task
behavioral1
Sample
03201ac0208b7c4f4d167a1d8153a3fe_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
03201ac0208b7c4f4d167a1d8153a3fe_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
03201ac0208b7c4f4d167a1d8153a3fe_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)