General
-
Target
064921f4a00022800b51cd62262a63ac_JaffaCakes118
-
Size
204KB
-
Sample
241001-sfpk9svhqk
-
MD5
064921f4a00022800b51cd62262a63ac
-
SHA1
bc095d73589d8c47f3f81f86dc6c45713d922efb
-
SHA256
620a9012ea641d6b87834488b93d9a6217e6898afe3b6911df5359e37f2ec1b0
-
SHA512
e1d54d54eafc05207313ba216093553e66260eb5d2569583f3b246825e2a6e8e9035192ec211ee1bb13d10f414e5807ba9e8f186351cc2e2863fe5e6e5232bd8
-
SSDEEP
3072:MmSW8N0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWiS:3H24QxL7B9W0c1RCzR/fSmli
Static task
static1
Behavioral task
behavioral1
Sample
064921f4a00022800b51cd62262a63ac_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
064921f4a00022800b51cd62262a63ac_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
064921f4a00022800b51cd62262a63ac_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)