General
-
Target
0835fc62a4e119134071dc82bd380528_JaffaCakes118
-
Size
52KB
-
Sample
241002-bmqcpszcrm
-
MD5
0835fc62a4e119134071dc82bd380528
-
SHA1
29ddf609380f5fd937b8f67662b8344a1346f137
-
SHA256
106b8f0d099f00f2d496bcd9634fcfd7f1fb2bc9f5fc7ef7862bad442ce73c88
-
SHA512
7545934798e2af30715b566958a552fce3b5dd7317140201730872a4f9288f310055adb51a125104766b9a939eac645e6fc26f1732b12e0393b6051ed1a28294
-
SSDEEP
1536:CVR5BMkpRgF6UnEdn6qL+TSntSI6ctvtFdBHX4DwXHdDuhbytZ0kwrSX+:fsdn1LqkVO
Malware Config
Targets
-
-
Target
0835fc62a4e119134071dc82bd380528_JaffaCakes118
-
Size
52KB
-
MD5
0835fc62a4e119134071dc82bd380528
-
SHA1
29ddf609380f5fd937b8f67662b8344a1346f137
-
SHA256
106b8f0d099f00f2d496bcd9634fcfd7f1fb2bc9f5fc7ef7862bad442ce73c88
-
SHA512
7545934798e2af30715b566958a552fce3b5dd7317140201730872a4f9288f310055adb51a125104766b9a939eac645e6fc26f1732b12e0393b6051ed1a28294
-
SSDEEP
1536:CVR5BMkpRgF6UnEdn6qL+TSntSI6ctvtFdBHX4DwXHdDuhbytZ0kwrSX+:fsdn1LqkVO
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2