General
-
Target
0697830f09a3b5b5c2b272519582a027_JaffaCakes118
-
Size
232KB
-
Sample
241001-vasf3steka
-
MD5
0697830f09a3b5b5c2b272519582a027
-
SHA1
5848b3e87b476f8b5e85bda89786cd80fd05297b
-
SHA256
b452726f1b227079480abcc82ea3a081722eeca4a5f4b5af6936ea5852ff7598
-
SHA512
459c0a8a2da43aa47b8f076e8d9a5f059d12d86aa64088d323c65cc37260a162bfb354bb6ea5e61e21c16a3fccf1854a4d1f3da90903428add2333a4bde40e19
-
SSDEEP
3072:3N1ZfWRrIMNRlZ62Pal2LBJXmzOHm5WZ3K+MCelqiD8RUy3eL2mDH7z/5L5Jsr61:3NPepp3PJXCOGY3e3q5OyW9L5Jsr6Uc
Static task
static1
Behavioral task
behavioral1
Sample
0697830f09a3b5b5c2b272519582a027_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0697830f09a3b5b5c2b272519582a027_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0697830f09a3b5b5c2b272519582a027_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2