General
-
Target
0748886fcd34a6df25786cac4c85b368_JaffaCakes118
-
Size
60KB
-
Sample
241001-y43exssemb
-
MD5
0748886fcd34a6df25786cac4c85b368
-
SHA1
95db639907243f34ef7695082801e48605c78f63
-
SHA256
76c325dd2c7f5d3891f11fe6cd0af0618f35c98e508eef3840ef8c1438df27a6
-
SHA512
ca6597c681f21da160abb4e4e1b928e7a81b966c1d4455cd3818c40cfe43af5454c4f29efbe8dbdc6e89c10825d0903e580ff5e5e8d8053484d2bdcea7afac54
-
SSDEEP
768:+Xdx1BIFeaEtirGxj2D2n/z/D0lbdfs3OfKDHGqHg6WBM:+Xh5a9rsj2a/Dxg6WBM
Malware Config
Targets
-
-
Target
0748886fcd34a6df25786cac4c85b368_JaffaCakes118
-
Size
60KB
-
MD5
0748886fcd34a6df25786cac4c85b368
-
SHA1
95db639907243f34ef7695082801e48605c78f63
-
SHA256
76c325dd2c7f5d3891f11fe6cd0af0618f35c98e508eef3840ef8c1438df27a6
-
SHA512
ca6597c681f21da160abb4e4e1b928e7a81b966c1d4455cd3818c40cfe43af5454c4f29efbe8dbdc6e89c10825d0903e580ff5e5e8d8053484d2bdcea7afac54
-
SSDEEP
768:+Xdx1BIFeaEtirGxj2D2n/z/D0lbdfs3OfKDHGqHg6WBM:+Xh5a9rsj2a/Dxg6WBM
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2