General
-
Target
04685fd6e708c49a8d9109f31c4bf9d8_JaffaCakes118
-
Size
168KB
-
Sample
241001-fbvv9svfqd
-
MD5
04685fd6e708c49a8d9109f31c4bf9d8
-
SHA1
1600b34a93abafb7c520dac394a23dcdee525eba
-
SHA256
edf5a9099bce94ec8f91f7a0be1200c706c19b658d52e624cc61b63b7560e84e
-
SHA512
bc3f9b5d40092c801996104892d3eaff926ae8226b17d5981c6fbf6b552400a461027bb28a69269f2e09f882e84fb8538f103f5ee826e4e7b00790829fbd7eb6
-
SSDEEP
1536:+Wsulp5+eroCqSaWi1BmQT8gEA2ibO/aDyrOt80BRU1sHzsNfB5R1RccQY:9+CzXtQY
Malware Config
Targets
-
-
Target
04685fd6e708c49a8d9109f31c4bf9d8_JaffaCakes118
-
Size
168KB
-
MD5
04685fd6e708c49a8d9109f31c4bf9d8
-
SHA1
1600b34a93abafb7c520dac394a23dcdee525eba
-
SHA256
edf5a9099bce94ec8f91f7a0be1200c706c19b658d52e624cc61b63b7560e84e
-
SHA512
bc3f9b5d40092c801996104892d3eaff926ae8226b17d5981c6fbf6b552400a461027bb28a69269f2e09f882e84fb8538f103f5ee826e4e7b00790829fbd7eb6
-
SSDEEP
1536:+Wsulp5+eroCqSaWi1BmQT8gEA2ibO/aDyrOt80BRU1sHzsNfB5R1RccQY:9+CzXtQY
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2