General
-
Target
0cafdedcd756957a9455c2b485994e1b_JaffaCakes118
-
Size
268KB
-
Sample
241002-19e8patepd
-
MD5
0cafdedcd756957a9455c2b485994e1b
-
SHA1
fefbeb413c8fbfb7cb765603137fed92080af754
-
SHA256
e293104675d7ed2e4f15e699831d38765af7a770f2d84ac4d32de417d19b2cfd
-
SHA512
3fe7ffc0c5fb20c193e529f0049cf521074c6f621cb29d2efe39e23d0fb64ebf4cee5148cf22c3e3410a13b298ed38e52fdf441fee336a53dbd4fe47725d2f04
-
SSDEEP
3072:NzArnvRnvtnvtnv5nvxnvxnvanvcnv2nvDnvhnv7nvDnv5nvynvJnvVnvynvSnv:NzA
Malware Config
Targets
-
-
Target
0cafdedcd756957a9455c2b485994e1b_JaffaCakes118
-
Size
268KB
-
MD5
0cafdedcd756957a9455c2b485994e1b
-
SHA1
fefbeb413c8fbfb7cb765603137fed92080af754
-
SHA256
e293104675d7ed2e4f15e699831d38765af7a770f2d84ac4d32de417d19b2cfd
-
SHA512
3fe7ffc0c5fb20c193e529f0049cf521074c6f621cb29d2efe39e23d0fb64ebf4cee5148cf22c3e3410a13b298ed38e52fdf441fee336a53dbd4fe47725d2f04
-
SSDEEP
3072:NzArnvRnvtnvtnv5nvxnvxnvanvcnv2nvDnvhnv7nvDnv5nvynvJnvVnvynvSnv:NzA
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2