General
-
Target
0ed62a2f302174fb8a9951a854ee8399_JaffaCakes118
-
Size
135KB
-
Sample
241003-kqc18avcjq
-
MD5
0ed62a2f302174fb8a9951a854ee8399
-
SHA1
606f9ae7b7da6feee80f5f43850095184f13f097
-
SHA256
eff0797f0c09f137a5649634c7b8b433bf834ea8a79c0294d3f09020f5dea655
-
SHA512
f25629cbc67b70035d8d5ed13af837f22e708189b89afb17e538cbd3c0f5de008adaa7c2e5fea343a37becedea45ed3bfe7922b01fd0790b8ba9ec0bdcc06a1b
-
SSDEEP
3072:DpQq5kpM9eUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtU:l3y+oIDbByGPMsMP
Malware Config
Targets
-
-
Target
0ed62a2f302174fb8a9951a854ee8399_JaffaCakes118
-
Size
135KB
-
MD5
0ed62a2f302174fb8a9951a854ee8399
-
SHA1
606f9ae7b7da6feee80f5f43850095184f13f097
-
SHA256
eff0797f0c09f137a5649634c7b8b433bf834ea8a79c0294d3f09020f5dea655
-
SHA512
f25629cbc67b70035d8d5ed13af837f22e708189b89afb17e538cbd3c0f5de008adaa7c2e5fea343a37becedea45ed3bfe7922b01fd0790b8ba9ec0bdcc06a1b
-
SSDEEP
3072:DpQq5kpM9eUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtU:l3y+oIDbByGPMsMP
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2