General
Target: 090aba7b353f445aee0afb9eab3bd5ae_JaffaCakes118
Size: 196KB
Sample: 241002-ft54ysydqq
MD5: 090aba7b353f445aee0afb9eab3bd5ae
SHA1: d3250503e2d24151983e04c587dfecf119465454
SHA256: 87c18439bd90873f4cdaeec40e9b0f13700f1547b5c19cb7099f37618dab8f70
SHA512: 8eae102ed9a3a35702c949090140bd3f632ce9bcea03d31778ca1717100d77e89c6c477da6773bfb64b4822b4c4575112add53d580e379116f1b170a0b5b19bf
SSDEEP: 3072:Ay1CAgBt20tQ9nLHbB9WmvA7vejJWKvE+KmnA:1+24QxL7B9WjjejJW5Z
Static task: static1
Behavioral task: behavioral1
  Sample: 090aba7b353f445aee0afb9eab3bd5ae_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 090aba7b353f445aee0afb9eab3bd5ae_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 090aba7b353f445aee0afb9eab3bd5ae_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)