General
-
Target
0d1f6a1af7e1852820ed5a4e87d4ae69_JaffaCakes118
-
Size
240KB
-
Sample
241003-axztfsvfkn
-
MD5
0d1f6a1af7e1852820ed5a4e87d4ae69
-
SHA1
6cf7bd5106343117d56f420fc40a358f7b95fad5
-
SHA256
796e1f495697b2865ec7b8d2039807715a56fedfc77b99b4cbdff64772d9a9da
-
SHA512
9854d50f8fae84c30eaba90a3f58ee5d18f236ce60c62b9bf58a10fcf61a5c5161a9f93e568be8ff24bb596bdaa99117e1564e87c17cb44bec57f79b33dac0a1
-
SSDEEP
6144:1yM3dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliD08:1fdQKjeaEEp7
Static task
static1
Behavioral task
behavioral1
Sample
0d1f6a1af7e1852820ed5a4e87d4ae69_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
0d1f6a1af7e1852820ed5a4e87d4ae69_JaffaCakes118.exe
Resource
win10v2004-20240910-en
Malware Config
Targets
-
-
Target
0d1f6a1af7e1852820ed5a4e87d4ae69_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)