General
-
Target
0fa7f59e13a3f9e349afeb0837666776_JaffaCakes118
-
Size
268KB
-
Sample
241003-t5g36avgqk
-
MD5
0fa7f59e13a3f9e349afeb0837666776
-
SHA1
8589baebf5e525e7ad3bf36f6ec79adcea0b8dd7
-
SHA256
c3587b09ffe29b0f3855772fefb43a4bd45b86c8c62351f03ef0863e28c2645d
-
SHA512
d2b3d889f691388563c8fcecfbf8a01555a8131a0d639f09358b74fb934719e177552bc64fbac8d2dc5ab1223df910b5a72752e7a729c67f184c6f95c7a51c0c
-
SSDEEP
3072:RE4rAUww0sPUTVY7fhINP7JsfLBsyVEJ8Ixjtmkp44upWuTNgX8Tjee/L1pxW6g3:GMlsgfuNPK5VEVtmk4DAuTxeOxa
Malware Config
Targets
-
-
Target
0fa7f59e13a3f9e349afeb0837666776_JaffaCakes118
-
Size
268KB
-
MD5
0fa7f59e13a3f9e349afeb0837666776
-
SHA1
8589baebf5e525e7ad3bf36f6ec79adcea0b8dd7
-
SHA256
c3587b09ffe29b0f3855772fefb43a4bd45b86c8c62351f03ef0863e28c2645d
-
SHA512
d2b3d889f691388563c8fcecfbf8a01555a8131a0d639f09358b74fb934719e177552bc64fbac8d2dc5ab1223df910b5a72752e7a729c67f184c6f95c7a51c0c
-
SSDEEP
3072:RE4rAUww0sPUTVY7fhINP7JsfLBsyVEJ8Ixjtmkp44upWuTNgX8Tjee/L1pxW6g3:GMlsgfuNPK5VEVtmk4DAuTxeOxa
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2