General
-
Target
0b13096f315d3eb80821a316ffc456ad_JaffaCakes118
-
Size
68KB
-
Sample
241002-rk413szhnj
-
MD5
0b13096f315d3eb80821a316ffc456ad
-
SHA1
fd4a9337843e8b14835e4046cfb9bffb2ac54643
-
SHA256
ca1029b583bd098d8d94dc982449af1dcbda0b211682ad1fc2c0c21c9706622c
-
SHA512
c341ad5f64a0fad60001a47a0b579ec258fef0d2528c54450a608d2d09991ca2896e3176dec6de7787eb03fc39dd1924a9761d644d1f07e09b4aec2d22a9408b
-
SSDEEP
768:pcBliTdGJHn4Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:WBIxcYAcqOK3qowgnt1d
Malware Config
Targets
-
-
Target
0b13096f315d3eb80821a316ffc456ad_JaffaCakes118
-
Size
68KB
-
MD5
0b13096f315d3eb80821a316ffc456ad
-
SHA1
fd4a9337843e8b14835e4046cfb9bffb2ac54643
-
SHA256
ca1029b583bd098d8d94dc982449af1dcbda0b211682ad1fc2c0c21c9706622c
-
SHA512
c341ad5f64a0fad60001a47a0b579ec258fef0d2528c54450a608d2d09991ca2896e3176dec6de7787eb03fc39dd1924a9761d644d1f07e09b4aec2d22a9408b
-
SSDEEP
768:pcBliTdGJHn4Al+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:WBIxcYAcqOK3qowgnt1d
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2