General
-
Target
0688944fdf1cbc90e949bc7803c1ce32_JaffaCakes118
-
Size
224KB
-
Sample
241001-ty7egashph
-
MD5
0688944fdf1cbc90e949bc7803c1ce32
-
SHA1
812b6fb05635dda72f8298ee4323bd98dd8b32b0
-
SHA256
b42e89aed9e761cb543c5b811eb15ef534e593607063863d2a9f55259d294b8b
-
SHA512
dd5ef96ce80ba578e7b2855bca8fec36d5aeeb2cbdceffaea94438468adb9dbbb761413257292f6d7dc4be2882e03675dce85d1e1df9e854c6d6fa84ef7abe33
-
SSDEEP
3072:oXyqNsMoBu6ZVpl2mclbj4Uvx+8ysNOu+2eRcKksU61JkkX39RLrw4ySKUbax2+l:HqN5Sp4LnbmlrZW
Malware Config
Targets
-
-
Target
0688944fdf1cbc90e949bc7803c1ce32_JaffaCakes118
-
Size
224KB
-
MD5
0688944fdf1cbc90e949bc7803c1ce32
-
SHA1
812b6fb05635dda72f8298ee4323bd98dd8b32b0
-
SHA256
b42e89aed9e761cb543c5b811eb15ef534e593607063863d2a9f55259d294b8b
-
SHA512
dd5ef96ce80ba578e7b2855bca8fec36d5aeeb2cbdceffaea94438468adb9dbbb761413257292f6d7dc4be2882e03675dce85d1e1df9e854c6d6fa84ef7abe33
-
SSDEEP
3072:oXyqNsMoBu6ZVpl2mclbj4Uvx+8ysNOu+2eRcKksU61JkkX39RLrw4ySKUbax2+l:HqN5Sp4LnbmlrZW
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2