General
-
Target
0ad6eebf5e0b64b0442c40d85d5be69d_JaffaCakes118
-
Size
204KB
-
Sample
241002-qh2x9sxglj
-
MD5
0ad6eebf5e0b64b0442c40d85d5be69d
-
SHA1
afcf1d07f4af11f14669f4b0959490d58010613d
-
SHA256
a2d6467a8f3d619a18fcae54b0aaae999680258dd8f1c28b00e3c8fbf2b1f5d4
-
SHA512
e5e51ad921a830b219da0fcb4e093ca6ec7b6f21b3fa56b7e6b42db005e454eab4372c2cc35b81893374e72e084defeaee5748233422280d5f8c31fa808d6d06
-
SSDEEP
3072:xN360tQ9nLHbB9W+U1TqEYzR/mkSYGrl9ymgYUWup:xh64QxL7B9W+U1RYzR/fSmlh
Malware Config
Targets
-
-
Target
0ad6eebf5e0b64b0442c40d85d5be69d_JaffaCakes118
-
Size
204KB
-
MD5
0ad6eebf5e0b64b0442c40d85d5be69d
-
SHA1
afcf1d07f4af11f14669f4b0959490d58010613d
-
SHA256
a2d6467a8f3d619a18fcae54b0aaae999680258dd8f1c28b00e3c8fbf2b1f5d4
-
SHA512
e5e51ad921a830b219da0fcb4e093ca6ec7b6f21b3fa56b7e6b42db005e454eab4372c2cc35b81893374e72e084defeaee5748233422280d5f8c31fa808d6d06
-
SSDEEP
3072:xN360tQ9nLHbB9W+U1TqEYzR/mkSYGrl9ymgYUWup:xh64QxL7B9W+U1RYzR/fSmlh
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2