General
Target: 04e284b1a52219ebd90a8567914747b7_JaffaCakes118
Size: 124KB
Sample: 241001-jf2fdsxhmj
MD5: 04e284b1a52219ebd90a8567914747b7
SHA1: 59d93a7fa5004224c2ead8eb560c2eb146d5f5c6
SHA256: 0eb5415884bc56e7a424c7c6910f5eaefa52955b220c39fca8fdfeaa9f25dc12
SHA512: 4231e7fe56671f1ee6796038ad1211e882cd3bf4e629886b94b5cf064673b3cdf954916222872e3611be434d671c0ebafe991c6ed538c29b7f053edb5c621e1f
SSDEEP: 3072:aZXS55JHPUTTBfsdbvJfzhImmYDWGFtWrifD:/5VPUTTBGbxuVYDWsX
Static task: static1
Behavioral task: behavioral1
Sample: 04e284b1a52219ebd90a8567914747b7_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 04e284b1a52219ebd90a8567914747b7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 04e284b1a52219ebd90a8567914747b7_JaffaCakes118
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Browser Extensions (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (4)