General
Target: 11788dbb64c8b2d6424c6469e57b340c_JaffaCakes118
Size: 132KB
Sample: 241004-c1sknateke
MD5: 11788dbb64c8b2d6424c6469e57b340c
SHA1: 5cd01d574bb829486d5632ee5e2050e324cc591e
SHA256: 300d7bdd1c49ff72ccd1011842cf10c1feef2aecb37048ffeb022804ef68f6b2
SHA512: a269f3e4ccab6e6139168b842cc0f2c1d9c8d1aa63450047d33fec882a4338e2dbc7044b3d04e6c3d9660523e0880359de564a2ce89525cb92732079d7f77e4d
SSDEEP: 3072:utCbZSukOY8hrJFVNM/N/5sfqDfwqmWNw:2ork6hrJ3NON/5sGqW
Static task: static1
Behavioral task: behavioral1
  Sample: 11788dbb64c8b2d6424c6469e57b340c_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 11788dbb64c8b2d6424c6469e57b340c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)