General

  • Target

    05f40868ddde387931f2a84ee57ad3da_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241001-qg418s1drk

  • MD5

    05f40868ddde387931f2a84ee57ad3da

  • SHA1

    5679c1b96ca2ebcf827543d2fdf2a33ab532cdd0

  • SHA256

    7bee4910d513e61a748462cfe142ac05694271dfbc4ae68244a752bab82e7e93

  • SHA512

    9524e6c243c8eec9d2c0842bcfb64ac93949a9bcf36f1a7c1dfc98a543f9e6765ad9c12b1ce60064bed98fa2b424b47fababc3e28974070415844848535b0130

  • SSDEEP

    24576:IDWHSb4NV2f7ngWJP03hoycVx32pMlx8mw7Z/uELbDVq0:D84WWxjpCLwlugV1

Targets

    • Target

      05f40868ddde387931f2a84ee57ad3da_JaffaCakes118

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence so the sample can refuse to run in particular regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry
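As an added example (not code from the sandbox report or its vendor), the following Python script shows two checks a practitioner would run against this page: confirming that a local file really is this sample by comparing all four digests from the General section, and replaying the behaviour signatures listed above as rules over an API trace. The trace event format, the registry paths taken as geofence and wallpaper indicators, the icacls/cacls/takeown trigger for the file-permission signature, and the SAMPLE_TRACE data are assumptions made for illustration; only the hash values come from the report.

```python
"""Triage helpers for the sample listed above.

Added example, not code from the sandbox report: the hash table is copied from
the General section; the API-trace event format, registry paths and the
constructed SAMPLE_TRACE are assumptions made for illustration.
"""
import hashlib
import re

# Digests copied from the General section of the report above.
REPORT_HASHES = {
    "md5": "05f40868ddde387931f2a84ee57ad3da",
    "sha1": "5679c1b96ca2ebcf827543d2fdf2a33ab532cdd0",
    "sha256": "7bee4910d513e61a748462cfe142ac05694271dfbc4ae68244a752bab82e7e93",
    "sha512": "9524e6c243c8eec9d2c0842bcfb64ac93949a9bcf36f1a7c1dfc98a543f9e676"
              "5ad9c12b1ce60064bed98fa2b424b47fababc3e28974070415844848535b0130",
}


def compute_hashes(data: bytes) -> dict:
    """All four digests of a byte string, keyed like REPORT_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only when every digest agrees; a single mismatch means a different file."""
    return compute_hashes(data) == REPORT_HASHES


# Assumed trace format: one dict per API call carrying "api" and, as relevant,
# "path" (file or registry value), "image" (process executable) or "cmdline".
GEOFENCE_RE = re.compile(r"\\Control Panel\\International\\|\\Control\\Nls\\", re.I)
WALLPAPER_RE = re.compile(r"\\Control Panel\\Desktop\\Wall ?Paper$", re.I)
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
ACL_TOOLS = {"icacls", "cacls", "takeown"}  # assumed triggers for "Modifies file permissions"


def _tool_name(cmdline: str) -> str:
    """Basename of the first token of a command line, without quotes or .exe."""
    if not cmdline.strip():
        return ""
    first = cmdline.split(None, 1)[0].strip('"')
    name = first.rsplit("\\", 1)[-1].lower()
    return name[:-4] if name.endswith(".exe") else name


def match_signatures(events) -> set:
    """Replay an API trace and return the report's signature names it triggers.

    Stateful: files the sample writes are remembered so that a later process
    start or DLL load from one of those paths counts as dropped EXE / DLL.
    "Possible privilege escalation attempt" has no defined trigger on the page
    and therefore no rule here.
    """
    hits, dropped = set(), set()
    for ev in events:
        api, path = ev.get("api", ""), ev.get("path", "")
        if api.startswith("RegQueryValueEx") and GEOFENCE_RE.search(path):
            hits.add("Checks computer location settings")
        elif api.startswith("RegSetValueEx") and WALLPAPER_RE.search(path):
            hits.add("Sets desktop wallpaper using registry")
        elif api == "WriteFile":
            dropped.add(path.lower())
            if SYSTEM32_RE.match(path):
                hits.add("Drops file in System32 directory")
        elif api.startswith("CreateProcess"):
            if ev.get("image", "").lower() in dropped:
                hits.add("Executes dropped EXE")
            if _tool_name(ev.get("cmdline", "")) in ACL_TOOLS:
                hits.add("Modifies file permissions")
        elif api.startswith("LoadLibrary") and path.lower() in dropped:
            hits.add("Loads dropped DLL")
    return hits


# Constructed trace for illustration; not a real capture from this sample.
SAMPLE_TRACE = [
    {"api": "RegQueryValueExW", "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"api": "WriteFile", "path": r"C:\Users\Public\svchosts.exe"},
    {"api": "WriteFile", "path": r"C:\Windows\System32\helper.dll"},
    {"api": "CreateProcessW", "image": r"C:\Users\Public\svchosts.exe",
     "cmdline": r"C:\Users\Public\svchosts.exe"},
    {"api": "LoadLibraryW", "path": r"C:\Windows\System32\helper.dll"},
    {"api": "CreateProcessW", "image": r"C:\Windows\System32\icacls.exe",
     "cmdline": r'icacls "C:\Windows\System32\helper.dll" /grant Everyone:F'},
    {"api": "RegSetValueExW", "path": r"HKCU\Control Panel\Desktop\WallPaper"},
]

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # verify a local copy of the sample against the report
        with open(sys.argv[1], "rb") as fh:
            print("matches report:", matches_report(fh.read()))
    for name in sorted(match_signatures(SAMPLE_TRACE)):
        print("signature:", name)
```

Run it with the path of a local copy as the first argument to verify the digests; without arguments it only replays SAMPLE_TRACE. The dropped-file bookkeeping is what separates "Executes dropped EXE" from any process start: a process started from a path the sample never wrote does not trigger that rule, and a rule for "Possible privilege escalation attempt" is deliberately absent because the report does not say what triggered it.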
