General
-
Target
03c4a0dd29a6d0753c5df1788b55d4b2_JaffaCakes118
-
Size
111KB
-
Sample
241001-avncmssbjp
-
MD5
03c4a0dd29a6d0753c5df1788b55d4b2
-
SHA1
cec5b97c59f13c3418b373ce1823096f2adf1ad5
-
SHA256
e3be1a7aa36cb2012c25a5e6f7e516cd65303a10c21a6e28ed6b96eae5fb813e
-
SHA512
f9397cfdd15c4bc211a25e20021bcb988e84cda666182856333003a334acf472a02d1cae6b2412f1c403a0a9fd8714e87faa4864c0d85ee956060ce56eb5fb18
-
SSDEEP
3072:a12ewWUudlp4D4dMz4n4N4t4R4aEIIIIzd:a12ewhIxMdEIIIIz
Malware Config
Targets
-
-
Target
03c4a0dd29a6d0753c5df1788b55d4b2_JaffaCakes118
-
Size
111KB
-
MD5
03c4a0dd29a6d0753c5df1788b55d4b2
-
SHA1
cec5b97c59f13c3418b373ce1823096f2adf1ad5
-
SHA256
e3be1a7aa36cb2012c25a5e6f7e516cd65303a10c21a6e28ed6b96eae5fb813e
-
SHA512
f9397cfdd15c4bc211a25e20021bcb988e84cda666182856333003a334acf472a02d1cae6b2412f1c403a0a9fd8714e87faa4864c0d85ee956060ce56eb5fb18
-
SSDEEP
3072:a12ewWUudlp4D4dMz4n4N4t4R4aEIIIIzd:a12ewhIxMdEIIIIz
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2