General
Target: 0841755ac61ecaa7a56faf88318cc321_JaffaCakes118
Size: 68KB
Sample: 241002-bv6pnathjf
MD5: 0841755ac61ecaa7a56faf88318cc321
SHA1: fd6f8dedda752995233ebe027252ae6f44b14a70
SHA256: 023a6086a551b946db24f82a4b60a0a48769bf582bd49f8e1b79bfe1e7126cb4
SHA512: f1117c497c0046ffe8527632fe12f44f177012f63a96d988681bcbd0e5457ad8a67672aca5e7b0c2f201ef5b7ebb12b33239095ae4d5809d891d4db8fa99d3db
SSDEEP: 768:SceliTdyJSAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:peIxySAcqOK3qowgnt1d
Static task: static1
Behavioral task: behavioral1
Sample: 0841755ac61ecaa7a56faf88318cc321_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0841755ac61ecaa7a56faf88318cc321_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
0841755ac61ecaa7a56faf88318cc321_JaffaCakes118
Score: 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)