General
-
Target
041cbcff45eda23b35ac3ba549979158_JaffaCakes118
-
Size
196KB
-
Sample
241001-dd1s7a1erf
-
MD5
041cbcff45eda23b35ac3ba549979158
-
SHA1
884f882ceb3447b1226f7a74d755865f7e7c4964
-
SHA256
e0df52d4e43ebe0271bd01cb88f77676dcb69c5f397c2dc718e7e83a2f651b8a
-
SHA512
369600de20f913220a43f4068b20b1a473c1f2bcb00fbd5ef1e27ec506726b024845ba0e75697989fc35fc0becf90f01948581bd6589f750943b2539405ee236
-
SSDEEP
3072:Poqf1cFw2ssVYkECx673kN0GNMLc5LAf9S0tuUBcDa9FK4:PRguDCx673kNbMLhJc0I4
Malware Config
Targets
-
-
Target
041cbcff45eda23b35ac3ba549979158_JaffaCakes118
-
Size
196KB
-
MD5
041cbcff45eda23b35ac3ba549979158
-
SHA1
884f882ceb3447b1226f7a74d755865f7e7c4964
-
SHA256
e0df52d4e43ebe0271bd01cb88f77676dcb69c5f397c2dc718e7e83a2f651b8a
-
SHA512
369600de20f913220a43f4068b20b1a473c1f2bcb00fbd5ef1e27ec506726b024845ba0e75697989fc35fc0becf90f01948581bd6589f750943b2539405ee236
-
SSDEEP
3072:Poqf1cFw2ssVYkECx673kN0GNMLc5LAf9S0tuUBcDa9FK4:PRguDCx673kNbMLhJc0I4
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2