General
-
Target
11c8c92d2a0139eedcd4d0e021fc6f9b_JaffaCakes118
-
Size
240KB
-
Sample
241004-esfx1atelq
-
MD5
11c8c92d2a0139eedcd4d0e021fc6f9b
-
SHA1
e5e676e45c653bd8c50b12d16ae223af5628a687
-
SHA256
5e591f8d984122d718b1a00062af8358c0908af7dda7a7e03ebbaff47cd7ffcd
-
SHA512
a3571ee06d83ed54da82f133b65c9d2fc57acd83a952c373e7e555cc4e2a92203899e38d19d10d3d65495a8730b1ab3cb4deaacbe9bcc4c807020d3366fe4a23
-
SSDEEP
6144:Z73dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDY:ZrdQKjeaEEp
Malware Config
Targets
-
-
Target
11c8c92d2a0139eedcd4d0e021fc6f9b_JaffaCakes118
-
Size
240KB
-
MD5
11c8c92d2a0139eedcd4d0e021fc6f9b
-
SHA1
e5e676e45c653bd8c50b12d16ae223af5628a687
-
SHA256
5e591f8d984122d718b1a00062af8358c0908af7dda7a7e03ebbaff47cd7ffcd
-
SHA512
a3571ee06d83ed54da82f133b65c9d2fc57acd83a952c373e7e555cc4e2a92203899e38d19d10d3d65495a8730b1ab3cb4deaacbe9bcc4c807020d3366fe4a23
-
SSDEEP
6144:Z73dwqsNTNEXGlQR58EqxF6snji81RUinKq3aEESliDY:ZrdQKjeaEEp
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2