General
-
Target
03d3cb4caa6320d1412c123378cc6463_JaffaCakes118
-
Size
240KB
-
Sample
241001-bbbeeaxbqg
-
MD5
03d3cb4caa6320d1412c123378cc6463
-
SHA1
44e6f6e0cb917729255599c56773c1df28f946ff
-
SHA256
b72791daa1fa4d3112b1cb5672b4f5542669c7cb971f7dc12d878f62edbec22d
-
SHA512
87cd81ca3cdc4bd6ad4f76c410c01bd0a9e37f12edce2a60b451f8ca609a872b8990bc6a2a4cb21a6cc6d08a4762a523e941bc521979d16f008665ad3824f21b
-
SSDEEP
6144:hUH3dwqsNwemAB0EqxF6snji81RUinKchhyQSQ:8dQQJsf
Malware Config
Targets
-
-
Target
03d3cb4caa6320d1412c123378cc6463_JaffaCakes118
-
Size
240KB
-
MD5
03d3cb4caa6320d1412c123378cc6463
-
SHA1
44e6f6e0cb917729255599c56773c1df28f946ff
-
SHA256
b72791daa1fa4d3112b1cb5672b4f5542669c7cb971f7dc12d878f62edbec22d
-
SHA512
87cd81ca3cdc4bd6ad4f76c410c01bd0a9e37f12edce2a60b451f8ca609a872b8990bc6a2a4cb21a6cc6d08a4762a523e941bc521979d16f008665ad3824f21b
-
SSDEEP
6144:hUH3dwqsNwemAB0EqxF6snji81RUinKchhyQSQ:8dQQJsf
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2