General
-
Target
084810dcc24fdc07ec4309a4b7f0cc09_JaffaCakes118
-
Size
176KB
-
Sample
241002-b1qwds1blk
-
MD5
084810dcc24fdc07ec4309a4b7f0cc09
-
SHA1
ebc3afda5d97678f6e78ab65d3509a47019a77f2
-
SHA256
0d3fb6dce829b8ade62099171f5f20ca4b1015313e57322111ba9dfc1ac55493
-
SHA512
06b6703ac54900ce1753222771aa2756f32e397621b55119b7b30be970cf7197bdd0a5e2eaefc6bab999f2343c8438cc5cecc8f5b82a7c2f4b6de85b639b75af
-
SSDEEP
3072:Qi7TrsN84VIIuKnvmb7/D26MPiuORvW+msEbxqaaa+torsQs17Na9Ala:QWrsN84VQKnvmb7/D26M6uORvW+msEbf
Static task
static1
Behavioral task
behavioral1
Sample
084810dcc24fdc07ec4309a4b7f0cc09_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
084810dcc24fdc07ec4309a4b7f0cc09_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
084810dcc24fdc07ec4309a4b7f0cc09_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)