General
-
Target
0dbf0408f67185c2e78e6d06d20ed342_JaffaCakes118
-
Size
176KB
-
Sample
241003-d8mj2ssgmq
-
MD5
0dbf0408f67185c2e78e6d06d20ed342
-
SHA1
fc34d91a456b1f328bf168091f9411de2476acac
-
SHA256
b7794ef94aee52bf8a16e6a9df2f6c19b831986daee41061eb65f0999604ff11
-
SHA512
be34789ede9641e5ae5e0cc9b2c87d0abb2cd006871da3457a84ab53dbf08a3d0ccf199808cd4caadb139b4695b2d0967341b56ea3b6cb323b8f0bc8f2fbe654
-
SSDEEP
3072:yfRmy/jynvgWK/fObT/bGiSEIGsbv0OpxYTNPybtDKvS3i:hyG3K/fObT/bGiSE5sj3xYTNPybtDKv9
Malware Config
Targets
-
-
Target
0dbf0408f67185c2e78e6d06d20ed342_JaffaCakes118
-
Size
176KB
-
MD5
0dbf0408f67185c2e78e6d06d20ed342
-
SHA1
fc34d91a456b1f328bf168091f9411de2476acac
-
SHA256
b7794ef94aee52bf8a16e6a9df2f6c19b831986daee41061eb65f0999604ff11
-
SHA512
be34789ede9641e5ae5e0cc9b2c87d0abb2cd006871da3457a84ab53dbf08a3d0ccf199808cd4caadb139b4695b2d0967341b56ea3b6cb323b8f0bc8f2fbe654
-
SSDEEP
3072:yfRmy/jynvgWK/fObT/bGiSEIGsbv0OpxYTNPybtDKvS3i:hyG3K/fObT/bGiSE5sj3xYTNPybtDKv9
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2