General
-
Target
0a36fe1831e0aeb8d44615bdcaf30748_JaffaCakes118
-
Size
172KB
-
Sample
241002-mjpgsa1dpr
-
MD5
0a36fe1831e0aeb8d44615bdcaf30748
-
SHA1
2a26fbf980e15188b10969c6dcd2ebe87e90fcc7
-
SHA256
63e1cf057e95c84dd71f37fb099f8552ce65424f9945be37a22ef7994fa77c2d
-
SHA512
7a0555d8660763b319be38ec26169074cd4bc2e667f7c536b56b741754522729ed30a87ad1dc0adab34c6b76ce53bda799bc0f30d97f52e60a2f98bd99096aba
-
SSDEEP
3072:9b3QXXeRgw3tiKnvmb7/D26nYNpnHzqTT8RUFwjkKvLg3dvCgIHzmWZAlGbBmiBN:BAXXeR1UKnvmb7/D26nSnTqTT8RUFwjL
Static task
static1
Behavioral task
behavioral1
Sample
0a36fe1831e0aeb8d44615bdcaf30748_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0a36fe1831e0aeb8d44615bdcaf30748_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0a36fe1831e0aeb8d44615bdcaf30748_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)