General
-
Target
03e6901fce5014bd60d53a7ef9e727f0_JaffaCakes118
-
Size
255KB
-
Sample
241001-bxtg4svajm
-
MD5
03e6901fce5014bd60d53a7ef9e727f0
-
SHA1
a26e136c73cbf44e043be87abee3672b56937c43
-
SHA256
d4e75da57f0edb7266cab6cd3f210fc534d34d3c7ebe727a38d56c6d1da27689
-
SHA512
f712334b185987899033f0e54d48c134e599f1b99892419e7feff04f6085849bb2c559319a174f2b04e134fcb5cffa4e093bcb712cad0a3793cb8b8928d16925
-
SSDEEP
6144:SY94NGfX6vOIUbAlW1qAwfD8g1ZuI7hBfVTtNDORn:R9OGfXASbZVwfDrJhbT3DORn
Malware Config
Targets
-
-
Target
03e6901fce5014bd60d53a7ef9e727f0_JaffaCakes118
-
Size
255KB
-
MD5
03e6901fce5014bd60d53a7ef9e727f0
-
SHA1
a26e136c73cbf44e043be87abee3672b56937c43
-
SHA256
d4e75da57f0edb7266cab6cd3f210fc534d34d3c7ebe727a38d56c6d1da27689
-
SHA512
f712334b185987899033f0e54d48c134e599f1b99892419e7feff04f6085849bb2c559319a174f2b04e134fcb5cffa4e093bcb712cad0a3793cb8b8928d16925
-
SSDEEP
6144:SY94NGfX6vOIUbAlW1qAwfD8g1ZuI7hBfVTtNDORn:R9OGfXASbZVwfDrJhbT3DORn
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1