General
-
Target
06df79ca59eeae357937b4239a9a01e1_JaffaCakes118
-
Size
448KB
-
Sample
241001-ww6fhatelk
-
MD5
06df79ca59eeae357937b4239a9a01e1
-
SHA1
35f49801418c13dcbfc226d5fb51e10aec3872e4
-
SHA256
24127329aa771c0690c50a6e41785a97a21f18fb81d86c74a4bfc9d3ca42a1f8
-
SHA512
c1e1f36469c6189685675aa926271a17c835f270e1c50dfb91717ffb0effe7dad89021101fcce66c7e5f5ee10fb493cd7049930220b1fc175660b06b9eba4f10
-
SSDEEP
6144:+Kop2pY6jqFk7qFoQudlhiweamej7jII7cerFG1:+Kop2pYl2QudfRMzcFw
Static task
static1
Behavioral task
behavioral1
Sample
06df79ca59eeae357937b4239a9a01e1_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06df79ca59eeae357937b4239a9a01e1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
06df79ca59eeae357937b4239a9a01e1_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2