General
-
Target
08398bf14a0e9f103524295e32fe72ef_JaffaCakes118
-
Size
228KB
-
Sample
241002-bqbcystepb
-
MD5
08398bf14a0e9f103524295e32fe72ef
-
SHA1
276d0d81bad472cced37fff3bd9353ec5e0a156a
-
SHA256
c06762d298cb4f60489106f84b5e8799c6e39e2a4d75a4bdaf2dd060a4c164da
-
SHA512
e6d4b798caec12102ee7e83153c1b1a3aa75928992eef583073387760a36c6c0a4bf0568331db2510091d59626a38da34a44f896ce8a365c18a5cf7f4afd16b3
-
SSDEEP
6144:9ER3PFKs7aaOKW8alhrEqxF6snji81RUinKGHgD7Sh:9EdPhvENPH670
Malware Config
Targets
-
-
Target
08398bf14a0e9f103524295e32fe72ef_JaffaCakes118
-
Size
228KB
-
MD5
08398bf14a0e9f103524295e32fe72ef
-
SHA1
276d0d81bad472cced37fff3bd9353ec5e0a156a
-
SHA256
c06762d298cb4f60489106f84b5e8799c6e39e2a4d75a4bdaf2dd060a4c164da
-
SHA512
e6d4b798caec12102ee7e83153c1b1a3aa75928992eef583073387760a36c6c0a4bf0568331db2510091d59626a38da34a44f896ce8a365c18a5cf7f4afd16b3
-
SSDEEP
6144:9ER3PFKs7aaOKW8alhrEqxF6snji81RUinKGHgD7Sh:9EdPhvENPH670
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2